CVE-2004-0230

Current Description

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Evaluator Description

CWE-331: Insufficient Entropy

Referenced by CVEs:CVE-2007-0442, CVE-2014-6575

Basic Data

PublishedAugust 18, 2004
Last ModifiedOctober 19, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSOracleSolaris10*******
    2.3OSOracleSolaris11*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationOpenpgpOpenpgp2.6.2*******
  • OR - Configuration 3
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationMcafeeNetwork Data Loss Prevention********8.6
    2.3ApplicationMcafeeNetwork Data Loss Prevention9.2.0*******
    2.3ApplicationMcafeeNetwork Data Loss Prevention9.2.1*******
    2.3ApplicationMcafeeNetwork Data Loss Prevention9.2.2*******
  • OR - Configuration 4
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSNetbsdNetbsd1.5*******
    2.3OSNetbsdNetbsd1.5.1*******
    2.3OSNetbsdNetbsd1.5.2*******
    2.3OSNetbsdNetbsd1.5.3*******
    2.3OSNetbsdNetbsd1.6*******
    2.3OSNetbsdNetbsd1.6.1*******
    2.3OSNetbsdNetbsd1.6.2*******
    2.3OSNetbsdNetbsd2.0*******
  • OR - Configuration 5
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSXinuosOpenserver5.0.6*******
    2.3OSXinuosOpenserver5.0.7*******
  • OR - Configuration 6
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSJuniperJunos********
  • OR - Configuration 7
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSXinuosUnixware7.1.1*******
    2.3OSXinuosUnixware7.1.3*******

Vulnerable Software List

VendorProductVersions
Netbsd Netbsd 1.5, 1.5.1, 1.5.2, 1.5.3, 1.6, 1.6.1, 1.6.2, 2.0
Oracle Solaris 10, 11
Juniper Junos *
Mcafee Network Data Loss Prevention *, 9.2.0, 9.2.1, 9.2.2
Openpgp Openpgp 2.6.2
Xinuos Openserver 5.0.6, 5.0.7
Xinuos Unixware 7.1.1, 7.1.3

References

NameSourceURLTags
NetBSD-SA2004-006ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.ascNETBSDThird Party Advisory
SCOSA-2005.3ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txtSCOThird Party Advisory
SCOSA-2005.9ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtSCOThird Party Advisory
SCOSA-2005.14ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txtSCOThird Party Advisory
20040403-01-Aftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.ascSGIThird Party Advisory
http://kb.juniper.net/JSA10638http://kb.juniper.net/JSA10638CONFIRMThird Party Advisory
20040425 Perl code exploting TCP not checking RST ACK.http://marc.info/?l=bugtraq&m=108302060014745&w=2BUGTRAQ
SSRT4696http://marc.info/?l=bugtraq&m=108506952116653&w=2HP
11440http://secunia.com/advisories/11440SECUNIAPermissions Required Third Party Advisory VDB Entry
11458http://secunia.com/advisories/11458SECUNIAPermissions Required Third Party Advisory VDB Entry
22341http://secunia.com/advisories/22341SECUNIAPermissions Required Third Party Advisory VDB Entry
20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Productshttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtmlCISCOBroken Link
VU#415294http://www.kb.cert.org/vuls/id/415294CERT-VNThird Party Advisory US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlCONFIRMPATCH Third Party Advisory
4030http://www.osvdb.org/4030OSVDBBroken Link
SSRT061264http://www.securityfocus.com/archive/1/449179/100/0/threadedHP
10183http://www.securityfocus.com/bid/10183BIDExploit Third Party Advisory VDB Entry
http://www.uniras.gov.uk/vuls/2004/236929/index.htmhttp://www.uniras.gov.uk/vuls/2004/236929/index.htmMISCBroken Link
TA04-111Ahttp://www.us-cert.gov/cas/techalerts/TA04-111A.htmlCERTThird Party Advisory US Government Resource
ADV-2006-3983http://www.vupen.com/english/advisories/2006/3983VUPENPermissions Required
MS05-019https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019MS
MS06-064https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064MS
tcp-rst-dos(15886)https://exchange.xforce.ibmcloud.com/vulnerabilities/15886XF
https://kc.mcafee.com/corporate/index?page=content&id=SB10053https://kc.mcafee.com/corporate/index?page=content&id=SB10053CONFIRMPATCH Third Party Advisory
oval:org.mitre.oval:def:2689https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689OVAL
oval:org.mitre.oval:def:270https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270OVAL
oval:org.mitre.oval:def:3508https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508OVAL
oval:org.mitre.oval:def:4791https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791OVAL
oval:org.mitre.oval:def:5711https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711OVAL