Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2004-0230

Disclosure Date: August 18, 2004
CVE-2004-0230
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

References

Canonical
CVE-2004-0230 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0230)
BID-10183 (http://www.securityfocus.com/bid/10183)
Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508
TA04-111A (http://www.us-cert.gov/cas/techalerts/TA04-111A.html)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711
20040425 Perl code exploting TCP not checking RST ACK. (http://marc.info?l=bugtraq&m=108302060014745&w=2)
SSRT061264 (http://www.securityfocus.com/archive/1/449179/100/0/threaded)
MS06-064 (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064)
SECUNIA-11440 (http://secunia.com/advisories/11440)
http://kb.juniper.net/JSA10638
https://kc.mcafee.com/corporate/index?page=content&id=SB10053
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
VU#415294 (http://www.kb.cert.org/vuls/id/415294)
SSRT4696 (http://marc.info?l=bugtraq&m=108506952116653&w=2)
MS05-019 (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019)
20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products (http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270
XF-tcp-rst-dos(15886) (https://exchange.xforce.ibmcloud.com/vulnerabilities/15886)
OSVDB-4030 (http://www.osvdb.org/4030)
SECUNIA-22341 (http://secunia.com/advisories/22341)
ADV-2006-3983 (http://www.vupen.com/english/advisories/2006/3983)
SECUNIA-11458 (http://secunia.com/advisories/11458)
Miscellaneous
http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis