CVE-2004-0230
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
Summary
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
References
cve@mitre.orgftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.ascThird Party Advisory, Broken Link
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txtThird Party Advisory, Broken Link
cve@mitre.orgftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtThird Party Advisory, Broken Link
cve@mitre.orgftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txtThird Party Advisory, Broken Link
cve@mitre.orgftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.ascThird Party Advisory, Broken Link
cve@mitre.orghttp://kb.juniper.net/JSA10638Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=108302060014745&w=2Mailing List
cve@mitre.orghttp://marc.info/?l=bugtraq&m=108506952116653&w=2Mailing List
cve@mitre.orghttp://secunia.com/advisories/11440Permissions Required, Third Party Advisory, VDB Entry, Broken Link
cve@mitre.orghttp://secunia.com/advisories/11458Permissions Required, Third Party Advisory, VDB Entry, Broken Link
cve@mitre.orghttp://secunia.com/advisories/22341Permissions Required, Third Party Advisory, VDB Entry, Broken Link
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtmlBroken Link
cve@mitre.orghttp://www.kb.cert.org/vuls/id/415294Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatch, Third Party Advisory
cve@mitre.orghttp://www.osvdb.org/4030Broken Link
cve@mitre.orghttp://www.securityfocus.com/archive/1/449179/100/0/threadedBroken Link
cve@mitre.orghttp://www.securityfocus.com/archive/1/449179/100/0/threadedBroken Link
cve@mitre.orghttp://www.securityfocus.com/bid/10183Exploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.uniras.gov.uk/vuls/2004/236929/index.htmBroken Link
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA04-111A.htmlThird Party Advisory, US Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/3983Permissions Required, Broken Link
cve@mitre.orghttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019Third Party Advisory
cve@mitre.orghttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064Third Party Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/15886Third Party Advisory
cve@mitre.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10053Patch, Third Party Advisory, Broken Link
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689Broken Link
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270Broken Link
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508Broken Link
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791Broken Link
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711Broken Link
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.ascThird Party Advisory, Broken Link
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txtThird Party Advisory, Broken Link
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtThird Party Advisory, Broken Link
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txtThird Party Advisory, Broken Link
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.ascThird Party Advisory, Broken Link
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/JSA10638Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=108302060014745&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=108506952116653&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11440Permissions Required, Third Party Advisory, VDB Entry, Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/11458Permissions Required, Third Party Advisory, VDB Entry, Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22341Permissions Required, Third Party Advisory, VDB Entry, Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/415294Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/4030Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449179/100/0/threadedBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449179/100/0/threadedBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10183Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.uniras.gov.uk/vuls/2004/236929/index.htmBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA04-111A.htmlThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/3983Permissions Required, Broken Link
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/15886Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10053Patch, Third Party Advisory, Broken Link
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689Broken Link
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270Broken Link
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508Broken Link
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791Broken Link
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711Broken Link
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T00:10:03.682Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "oval:org.mitre.oval:def:2689",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689",
               },
               {
                  name: "oval:org.mitre.oval:def:3508",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508",
               },
               {
                  name: "TA04-111A",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT",
                     "x_transferred",
                  ],
                  url: "http://www.us-cert.gov/cas/techalerts/TA04-111A.html",
               },
               {
                  name: "oval:org.mitre.oval:def:5711",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711",
               },
               {
                  name: "20040425 Perl code exploting TCP not checking RST ACK.",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=108302060014745&w=2",
               },
               {
                  name: "SSRT061264",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
               },
               {
                  name: "MS06-064",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MS",
                     "x_transferred",
                  ],
                  url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064",
               },
               {
                  name: "11440",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/11440",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/JSA10638",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
               },
               {
                  name: "VU#415294",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/415294",
               },
               {
                  name: "SSRT4696",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=108506952116653&w=2",
               },
               {
                  name: "SCOSA-2005.9",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SCO",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt",
               },
               {
                  name: "20040403-01-A",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SGI",
                     "x_transferred",
                  ],
                  url: "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc",
               },
               {
                  name: "MS05-019",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MS",
                     "x_transferred",
                  ],
                  url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019",
               },
               {
                  name: "HPSBST02161",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
               },
               {
                  name: "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml",
               },
               {
                  name: "SCOSA-2005.3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SCO",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt",
               },
               {
                  name: "10183",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/10183",
               },
               {
                  name: "oval:org.mitre.oval:def:4791",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791",
               },
               {
                  name: "SCOSA-2005.14",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SCO",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt",
               },
               {
                  name: "oval:org.mitre.oval:def:270",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270",
               },
               {
                  name: "tcp-rst-dos(15886)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886",
               },
               {
                  name: "4030",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/4030",
               },
               {
                  name: "22341",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/22341",
               },
               {
                  name: "NetBSD-SA2004-006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_NETBSD",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc",
               },
               {
                  name: "ADV-2006-3983",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/3983",
               },
               {
                  name: "11458",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/11458",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2004-04-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-19T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "oval:org.mitre.oval:def:2689",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689",
            },
            {
               name: "oval:org.mitre.oval:def:3508",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508",
            },
            {
               name: "TA04-111A",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT",
               ],
               url: "http://www.us-cert.gov/cas/techalerts/TA04-111A.html",
            },
            {
               name: "oval:org.mitre.oval:def:5711",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711",
            },
            {
               name: "20040425 Perl code exploting TCP not checking RST ACK.",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=108302060014745&w=2",
            },
            {
               name: "SSRT061264",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
            },
            {
               name: "MS06-064",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MS",
               ],
               url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064",
            },
            {
               name: "11440",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/11440",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://kb.juniper.net/JSA10638",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
            },
            {
               name: "VU#415294",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/415294",
            },
            {
               name: "SSRT4696",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=108506952116653&w=2",
            },
            {
               name: "SCOSA-2005.9",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SCO",
               ],
               url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt",
            },
            {
               name: "20040403-01-A",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SGI",
               ],
               url: "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc",
            },
            {
               name: "MS05-019",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MS",
               ],
               url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019",
            },
            {
               name: "HPSBST02161",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
            },
            {
               name: "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml",
            },
            {
               name: "SCOSA-2005.3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SCO",
               ],
               url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt",
            },
            {
               name: "10183",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/10183",
            },
            {
               name: "oval:org.mitre.oval:def:4791",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791",
            },
            {
               name: "SCOSA-2005.14",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SCO",
               ],
               url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt",
            },
            {
               name: "oval:org.mitre.oval:def:270",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270",
            },
            {
               name: "tcp-rst-dos(15886)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886",
            },
            {
               name: "4030",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/4030",
            },
            {
               name: "22341",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/22341",
            },
            {
               name: "NetBSD-SA2004-006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
               ],
               url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc",
            },
            {
               name: "ADV-2006-3983",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/3983",
            },
            {
               name: "11458",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/11458",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2004-0230",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "oval:org.mitre.oval:def:2689",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689",
                  },
                  {
                     name: "oval:org.mitre.oval:def:3508",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508",
                  },
                  {
                     name: "TA04-111A",
                     refsource: "CERT",
                     url: "http://www.us-cert.gov/cas/techalerts/TA04-111A.html",
                  },
                  {
                     name: "oval:org.mitre.oval:def:5711",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711",
                  },
                  {
                     name: "20040425 Perl code exploting TCP not checking RST ACK.",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=108302060014745&w=2",
                  },
                  {
                     name: "SSRT061264",
                     refsource: "HP",
                     url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
                  },
                  {
                     name: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
                     refsource: "MISC",
                     url: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
                  },
                  {
                     name: "MS06-064",
                     refsource: "MS",
                     url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064",
                  },
                  {
                     name: "11440",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/11440",
                  },
                  {
                     name: "http://kb.juniper.net/JSA10638",
                     refsource: "CONFIRM",
                     url: "http://kb.juniper.net/JSA10638",
                  },
                  {
                     name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
                     refsource: "CONFIRM",
                     url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
                  },
                  {
                     name: "VU#415294",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/415294",
                  },
                  {
                     name: "SSRT4696",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=108506952116653&w=2",
                  },
                  {
                     name: "SCOSA-2005.9",
                     refsource: "SCO",
                     url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt",
                  },
                  {
                     name: "20040403-01-A",
                     refsource: "SGI",
                     url: "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc",
                  },
                  {
                     name: "MS05-019",
                     refsource: "MS",
                     url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019",
                  },
                  {
                     name: "HPSBST02161",
                     refsource: "HP",
                     url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
                  },
                  {
                     name: "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
                     refsource: "CISCO",
                     url: "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml",
                  },
                  {
                     name: "SCOSA-2005.3",
                     refsource: "SCO",
                     url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt",
                  },
                  {
                     name: "10183",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/10183",
                  },
                  {
                     name: "oval:org.mitre.oval:def:4791",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791",
                  },
                  {
                     name: "SCOSA-2005.14",
                     refsource: "SCO",
                     url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt",
                  },
                  {
                     name: "oval:org.mitre.oval:def:270",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270",
                  },
                  {
                     name: "tcp-rst-dos(15886)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886",
                  },
                  {
                     name: "4030",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/4030",
                  },
                  {
                     name: "22341",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/22341",
                  },
                  {
                     name: "NetBSD-SA2004-006",
                     refsource: "NETBSD",
                     url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc",
                  },
                  {
                     name: "ADV-2006-3983",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/3983",
                  },
                  {
                     name: "11458",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/11458",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2004-0230",
      datePublished: "2004-05-05T04:00:00",
      dateReserved: "2004-03-17T00:00:00",
      dateUpdated: "2024-08-08T00:10:03.682Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2004-0230\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-08-18T04:00:00.000\",\"lastModified\":\"2025-05-02T16:40:41.530\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.\"},{\"lang\":\"es\",\"value\":\"TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.4\",\"matchCriteriaId\":\"4B07F91B-3981-423E-9ECF-752CC64D4E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C947EA2-329F-4AC7-A1F4-64164C20CC4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"926EDB84-E8C5-4030-8B69-CDA9BF1A9D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r10:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CAECB8C-6B4D-440C-B031-2CF3061393DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAD7336D-EAAC-4817-9D3A-5664B0AAE6AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC336F14-5D8D-4B28-8F47-2A5EFFC7800C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47F92DD-59C4-4C86-9360-86E840243123\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE6B95FB-F936-430A-B715-7430327E1872\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4A8F07B-110F-4FE4-BA09-F23A4D1DCA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"78A3616E-9666-4D09-9ED7-EFD796E6E08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r8:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ACF87F1-B5DD-469A-87D6-94AD8D0758F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:r9:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D4F8B25-B632-4C4B-9E90-3DF9FC98207B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4r13:s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6BC136-FFA2-40AB-8E27-0B6CC153471F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4x27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80EFC6D6-43F9-4277-ACAC-D5929AF6FF7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCE524EE-245F-4750-9963-9D0FB7A6A965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECE31A7E-657C-49FC-B3F8-5654B0C6087E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"86141A33-344E-4152-8B76-2DB383954F02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC405A12-112D-4C9D-90DA-6ED484109793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC42F2D-7593-4DBE-AE89-A6B78E7F9089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"731A6469-3DE0-491A-BCC5-7642FB347ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12A8119-3E59-4062-9A04-1F6EA48B78E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B33B80-3189-4412-BFE0-359E755AB07A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x45:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4D7E551-A150-415E-80D5-374DAB29B6D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x45:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5306185-574A-43B4-8B3B-1B047CA36D66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x45:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F1F205-A4A9-4161-B6CF-55CEEFD7D8D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x45:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"33FD6DB0-F995-4A22-A97F-6276AFE9EFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71742CF-50B1-44BB-AB7B-27E5DCC9CF70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD4237A-C257-4D8A-ABC4-9B2160530A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBEDB3F-5FD1-4290-A80A-7EAD9B9C38C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF8575EF-C83B-4241-B033-A2C020E29286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"43B661F8-1F43-4073-9275-AE1FFCB17BF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF88921E-18E4-49B2-AAF4-ED8C393D4750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"144DA08B-A129-4DC6-81D2-782BD7C3074B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1936A41-302E-4546-9F7A-CAE3A3C68718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB55673-5857-452F-9D22-B422CC9CC3F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"03D4519D-1289-47E9-BFB7-E3831BFD50F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"77CDB10F-3BCE-41AF-B633-DFAC9B8A5D9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"223C12D0-61A0-4C12-8AFC-A0CB64759A31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"371A7DF8-3F4B-439D-8990-D1BC6F0C25C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F309FD-0A5A-4C86-B227-B2B511A5CEB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"960059B5-0701-4B75-AB51-0A430247D9F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D1DCA52-DA81-495B-B516-5571F01E3B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"67B3BF03-9919-4C12-97A3-B20161725F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCD4D8EB-8625-47CD-8F0E-D2FC8CAA5462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0150A4C-2C5A-49FC-8FB3-B93CB45B8284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFEB7A59-7536-4A92-A9C8-79FDE657B8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"931D77A8-FA39-479E-91DB-CDDC9113252B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3A0A607-7D3C-4F2A-B5F5-576A70649CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E9620A-7C0A-474C-919E-13609FFE580D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"672D3A38-92B4-4F33-82A6-B2D3F3403AF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE2FBBA2-6185-463F-96D3-9AB2C778B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FF9FF91-9184-4D18-8288-9110E35F4AE5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"530FC172-94E1-481A-9810-26061D22B6AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40FC681A-7B85-4495-8DCC-C459FE7E2F13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2354216-8103-49F9-A95C-7DE4F738BBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:itanium:*\",\"matchCriteriaId\":\"5AA32D8C-430E-4CA2-B2DF-FFF63714F480\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"E3C43D05-40F8-4769-BA6B-A376420EA972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:-:*\",\"matchCriteriaId\":\"7BC4A4A0-4EEE-4C51-BFF4-4B65C815AB4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*\",\"matchCriteriaId\":\"72CC2D03-538A-4603-B4FF-C6930F9D7E20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"5894A4E3-D063-4BE2-8579-B9BBF581EE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2572F7E5-75A3-4C11-866B-A4E9ADBD8D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:itanium:*\",\"matchCriteriaId\":\"54879DE7-47AE-4E94-986C-4D956B64411C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"964B57CD-CB8A-4520-B358-1C93EC5EF2DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8C192B-8044-4BF9-9F1F-57371FC0E8FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openpgp:openpgp:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE7DB4DC-5369-4087-B055-F1B1BFB50812\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.6\",\"matchCriteriaId\":\"F205B07D-D1C9-4761-9C63-D7BE5E2C73CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40679A45-CE96-4F49-B552-8FB5B6AD493F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99FB50CA-9C49-4358-8C1F-803CC976408D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D153658-7BAF-42D3-AA20-3B6193EB184B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E10D9BF9-FCC7-4680-AD3A-95757FC005EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78E8C3A4-9FA7-4F2A-8C65-D4404715E674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC78BA4-70F4-4B9F-93C2-B107E4DCC418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28A10F5A-067E-4DD8-B585-ABCD6F6B324E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"249FA642-3732-4654-88CB-3F1D19A5860A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5071CA39-65B3-4AFB-8898-21819E57A084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C3F588-98DA-4F6F-A083-2B9EE534C561\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xinuos:openserver:5.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E2AD5B8-44C1-4981-A795-E76EFFD8C96E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xinuos:openserver:5.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E97E1A-268A-4F18-86A4-39A960E2082C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xinuos:unixware:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25A2CA45-7476-4D11-9236-15072E4C9CA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xinuos:unixware:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96B92D7-ED2E-439C-B1D7-949628CF4456\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"http://kb.juniper.net/JSA10638\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=108302060014745&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=108506952116653&w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/11440\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/11458\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/22341\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/415294\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.osvdb.org/4030\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/449179/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/449179/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/10183\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.uniras.gov.uk/vuls/2004/236929/index.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA04-111A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3983\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Broken Link\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15886\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content&id=SB10053\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"http://kb.juniper.net/JSA10638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=108302060014745&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq&m=108506952116653&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/11440\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/11458\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/22341\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\",\"Broken Link\"]},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/415294\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.osvdb.org/4030\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/449179/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/449179/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/10183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.uniras.gov.uk/vuls/2004/236929/index.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA04-111A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/3983\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Broken Link\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content&id=SB10053\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}],\"evaluatorComment\":\"<a href=\\\"https://cwe.mitre.org/data/definitions/331.html\\\">CWE-331: Insufficient Entropy</a>\",\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"The DHS advisory is a good source of background information about the\\nissue: http://www.us-cert.gov/cas/techalerts/TA04-111A.html\\n\\nIt is important to note that the issue described is a known function of TCP. In order to perform a connection reset an attacker would need to know the source and destination ip address and ports as well as being able to guess the sequence number within the window. These requirements seriously reduce the ability to trigger a connection reset on normal TCP connections. The DHS advisory explains that BGP routing is a specific case where being able to trigger a reset is easier than expected as the end points can be easily determined and\\nlarge window sizes are used. BGP routing is also signficantly affected by having it’s connections terminated. The major BGP peers have recently switched to requiring md5 signatures which mitigates against this attack.\\n\\nThe following article from Linux Weekly News also puts the flaw into context and shows why it does not pose a significant threat:\\nhttp://lwn.net/Articles/81560/\\n\\nRed Hat does not have any plans for action regarding this issue.\\n\",\"lastModified\":\"2006-08-16T00:00:00\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.