FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0230

This CVE name corresponds to:

Entered Topic
2016-08-11 FreeBSD -- Denial of Service in TCP packet processing

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2004-0230
Phase Assigned (20040317)

Description

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

References

Source Reference
CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10053
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
CISCO 20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products
CONFIRM http://kb.juniper.net/JSA10638
HP SSRT4696
HP HPSBST02161
HP SSRT061264
MS MS05-019
MS MS06-064
NETBSD NetBSD-SA2004-006
SCO SCOSA-2005.3
SCO SCOSA-2005.9
SCO SCOSA-2005.14
SGI 20040403-01-A
CERT TA04-111A
CERT-VN VU#415294
MISC http://www.uniras.gov.uk/vuls/2004/236929/index.htm
BUGTRAQ 20040425 Perl code exploting TCP not checking RST ACK.
BID 10183
OVAL oval:org.mitre.oval:def:5711
VUPEN ADV-2006-3983
OSVDB 4030
OVAL oval:org.mitre.oval:def:4791
OVAL oval:org.mitre.oval:def:2689
OVAL oval:org.mitre.oval:def:3508
OVAL oval:org.mitre.oval:def:270
SECUNIA 11440
SECUNIA 11458
SECUNIA 22341
XF tcp-rst-dos(15886)