Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Published

2004-08-18T04:00:00.000

Last Modified

2025-05-02T16:40:41.530

Status

Analyzed

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	< 11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	11.4r13	Yes
Operating System	juniper	junos	11.4x27	Yes
Operating System	juniper	junos	12.1	Yes
Operating System	juniper	junos	12.1r	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x45	Yes
Operating System	juniper	junos	12.1x45	Yes
Operating System	juniper	junos	12.1x45	Yes
Operating System	juniper	junos	12.1x45	Yes
Operating System	juniper	junos	12.1x46	Yes
Operating System	juniper	junos	12.1x46	Yes
Operating System	juniper	junos	12.1x46	Yes
Operating System	juniper	junos	12.1x47	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	13.1	Yes
Operating System	juniper	junos	13.1	Yes
Operating System	juniper	junos	13.1	Yes
Operating System	juniper	junos	13.1	Yes
Operating System	juniper	junos	13.2	Yes
Operating System	juniper	junos	13.2	Yes
Operating System	juniper	junos	13.2	Yes
Operating System	juniper	junos	13.2	Yes
Operating System	juniper	junos	13.3	Yes
Operating System	juniper	junos	13.3	Yes
Operating System	microsoft	windows_2000	-	Yes
Operating System	microsoft	windows_2000	-	Yes
Operating System	microsoft	windows_98	-	Yes
Operating System	microsoft	windows_98se	-	Yes
Operating System	microsoft	windows_server_2003	-	Yes
Operating System	microsoft	windows_server_2003	-	Yes
Operating System	microsoft	windows_server_2003	-	Yes
Operating System	microsoft	windows_server_2003	-	Yes
Operating System	microsoft	windows_xp	-	Yes
Operating System	microsoft	windows_xp	-	Yes
Operating System	microsoft	windows_xp	-	Yes
Operating System	microsoft	windows_xp	-	Yes
Operating System	oracle	solaris	10	Yes
Operating System	oracle	solaris	11	Yes
Application	openpgp	openpgp	2.6.2	Yes
Application	mcafee	network_data_loss_prevention	≤ 8.6	Yes
Application	mcafee	network_data_loss_prevention	9.2.0	Yes
Application	mcafee	network_data_loss_prevention	9.2.1	Yes
Application	mcafee	network_data_loss_prevention	9.2.2	Yes
Operating System	netbsd	netbsd	1.5	Yes
Operating System	netbsd	netbsd	1.5.1	Yes
Operating System	netbsd	netbsd	1.5.2	Yes
Operating System	netbsd	netbsd	1.5.3	Yes
Operating System	netbsd	netbsd	1.6	Yes
Operating System	netbsd	netbsd	1.6.1	Yes
Operating System	netbsd	netbsd	1.6.2	Yes
Operating System	netbsd	netbsd	2.0	Yes
Operating System	xinuos	openserver	5.0.6	Yes
Operating System	xinuos	openserver	5.0.7	Yes
Operating System	xinuos	unixware	7.1.1	Yes
Operating System	xinuos	unixware	7.1.3	Yes

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc Third Party Advisory, Broken Link ([email protected])
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt Third Party Advisory, Broken Link ([email protected])
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt Third Party Advisory, Broken Link ([email protected])
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt Third Party Advisory, Broken Link ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc Third Party Advisory, Broken Link ([email protected])
http://kb.juniper.net/JSA10638 Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=108302060014745&w=2 Mailing List ([email protected])
http://marc.info/?l=bugtraq&m=108506952116653&w=2 Mailing List ([email protected])
http://secunia.com/advisories/11440 Permissions Required, Third Party Advisory, VDB Entry, Broken Link ([email protected])
http://secunia.com/advisories/11458 Permissions Required, Third Party Advisory, VDB Entry, Broken Link ([email protected])
http://secunia.com/advisories/22341 Permissions Required, Third Party Advisory, VDB Entry, Broken Link ([email protected])
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml Broken Link ([email protected])
http://www.kb.cert.org/vuls/id/415294 Third Party Advisory, US Government Resource ([email protected])
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Patch, Third Party Advisory ([email protected])
http://www.osvdb.org/4030 Broken Link ([email protected])
http://www.securityfocus.com/archive/1/449179/100/0/threaded Broken Link ([email protected])
http://www.securityfocus.com/archive/1/449179/100/0/threaded Broken Link ([email protected])
http://www.securityfocus.com/bid/10183 Exploit, Third Party Advisory, VDB Entry ([email protected])
http://www.uniras.gov.uk/vuls/2004/236929/index.htm Broken Link ([email protected])
http://www.us-cert.gov/cas/techalerts/TA04-111A.html Third Party Advisory, US Government Resource ([email protected])
http://www.vupen.com/english/advisories/2006/3983 Permissions Required, Broken Link ([email protected])
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019 Third Party Advisory ([email protected])
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064 Third Party Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886 Third Party Advisory ([email protected])
https://kc.mcafee.com/corporate/index?page=content&id=SB10053 Patch, Third Party Advisory, Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711 Broken Link ([email protected])
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://kb.juniper.net/JSA10638 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=108302060014745&w=2 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=108506952116653&w=2 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/11440 Permissions Required, Third Party Advisory, VDB Entry, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/11458 Permissions Required, Third Party Advisory, VDB Entry, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22341 Permissions Required, Third Party Advisory, VDB Entry, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/415294 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/4030 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449179/100/0/threaded Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449179/100/0/threaded Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/10183 Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.uniras.gov.uk/vuls/2004/236929/index.htm Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA04-111A.html Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3983 Permissions Required, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://kc.mcafee.com/corporate/index?page=content&id=SB10053 Patch, Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711 Broken Link (af854a3a-2127-422b-91ae-364da2661108)