Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:Denial of Service
Titel:TCP Sequence Number Approximation Reset Denial of Service Vulnerability
Zusammenfassung:The host is running TCP services and is prone to denial of service; vulnerability.
The host is running TCP services and is prone to denial of service

Vulnerability Insight:
The flaw is triggered when spoofed TCP Reset packets are received by the
targeted TCP stack and will result in loss of availability for the attacked TCP services.

Vulnerability Impact:
Successful exploitation will allow remote attackers to guess sequence numbers
and cause a denial of service to persistent TCP connections by repeatedly injecting a TCP RST packet.

Affected Software/OS:
The TCP/IP v4 stack of various products / vendors including:

- Microsoft Windows

- Cisco

- Juniper JunOS

Please see the referenced advisories for more information on obtaining
and applying fixes.

CVSS Score:

CVSS Vector:

Querverweis: BugTraq ID: 10183
Common Vulnerability Exposure (CVE) ID: CVE-2004-0230
Bugtraq: 20040425 Perl code exploting TCP not checking RST ACK. (Google Search)
Cert/CC Advisory: TA04-111A
CERT/CC vulnerability note: VU#415294
Cisco Security Advisory: 20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products
HPdes Security Advisory: HPSBST02161
HPdes Security Advisory: SSRT061264
HPdes Security Advisory: SSRT4696
Microsoft Security Bulletin: MS05-019
Microsoft Security Bulletin: MS06-064
NETBSD Security Advisory: NetBSD-SA2004-006
SCO Security Bulletin: SCOSA-2005.14
SCO Security Bulletin: SCOSA-2005.3
SCO Security Bulletin: SCOSA-2005.9
SGI Security Advisory: 20040403-01-A
XForce ISS Database: tcp-rst-dos(15886)
CopyrightCopyright (C) 2012 SecPod

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.