Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.902815
Kategorie:Denial of Service
Titel:TCP Sequence Number Approximation Reset Denial of Service Vulnerability
Zusammenfassung:The host is running TCP services and is prone to denial of service; vulnerability.
Beschreibung:Summary:
The host is running TCP services and is prone to denial of service
vulnerability.

Vulnerability Insight:
The flaw is triggered when spoofed TCP Reset packets are received by the
targeted TCP stack and will result in loss of availability for the attacked TCP services.

Vulnerability Impact:
Successful exploitation will allow remote attackers to guess sequence numbers
and cause a denial of service to persistent TCP connections by repeatedly injecting a TCP RST packet.

Affected Software/OS:
The TCP/IP v4 stack of various products / vendors including:

- Microsoft Windows

- Cisco

- Juniper JunOS

Solution:
Please see the referenced advisories for more information on obtaining
and applying fixes.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: BugTraq ID: 10183
Common Vulnerability Exposure (CVE) ID: CVE-2004-0230
http://www.securityfocus.com/bid/10183
Bugtraq: 20040425 Perl code exploting TCP not checking RST ACK. (Google Search)
http://marc.info/?l=bugtraq&m=108302060014745&w=2
Cert/CC Advisory: TA04-111A
http://www.us-cert.gov/cas/techalerts/TA04-111A.html
CERT/CC vulnerability note: VU#415294
http://www.kb.cert.org/vuls/id/415294
Cisco Security Advisory: 20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml
HPdes Security Advisory: HPSBST02161
http://www.securityfocus.com/archive/1/449179/100/0/threaded
HPdes Security Advisory: SSRT061264
HPdes Security Advisory: SSRT4696
http://marc.info/?l=bugtraq&m=108506952116653&w=2
http://www.uniras.gov.uk/vuls/2004/236929/index.htm
Microsoft Security Bulletin: MS05-019
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019
Microsoft Security Bulletin: MS06-064
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064
NETBSD Security Advisory: NetBSD-SA2004-006
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc
http://www.osvdb.org/4030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711
SCO Security Bulletin: SCOSA-2005.14
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt
SCO Security Bulletin: SCOSA-2005.3
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt
SCO Security Bulletin: SCOSA-2005.9
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt
http://secunia.com/advisories/11440
http://secunia.com/advisories/11458
http://secunia.com/advisories/22341
SGI Security Advisory: 20040403-01-A
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc
http://www.vupen.com/english/advisories/2006/3983
XForce ISS Database: tcp-rst-dos(15886)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886
CopyrightCopyright (C) 2012 SecPod

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.