CVE-2004-0230

Summary

CVECVE-2004-0230
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2004-08-18 04:00:00 UTC
Updated2018-10-19 15:30:00 UTC
DescriptionTCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Operating System Juniper Junos All All All All
Operating System Juniper Junos All All All All
Application Mcafee Network Data Loss Prevention 9.2.0 All All All
Application Mcafee Network Data Loss Prevention 9.2.1 All All All
Application Mcafee Network Data Loss Prevention 9.2.2 All All All
Application Mcafee Network Data Loss Prevention 9.2.0 All All All
Application Mcafee Network Data Loss Prevention 9.2.1 All All All
Application Mcafee Network Data Loss Prevention 9.2.2 All All All
Application Mcafee Network Data Loss Prevention All All All All
Operating System Netbsd Netbsd 1.5 All All All
Operating System Netbsd Netbsd 1.5.1 All All All
Operating System Netbsd Netbsd 1.5.2 All All All
Operating System Netbsd Netbsd 1.5.3 All All All
Operating System Netbsd Netbsd 1.6 All All All
Operating System Netbsd Netbsd 1.6.1 All All All
Operating System Netbsd Netbsd 1.6.2 All All All
Operating System Netbsd Netbsd 2.0 All All All
Operating System Netbsd Netbsd 1.5 All All All
Operating System Netbsd Netbsd 1.5.1 All All All
Operating System Netbsd Netbsd 1.5.2 All All All
Operating System Netbsd Netbsd 1.5.3 All All All
Operating System Netbsd Netbsd 1.6 All All All
Operating System Netbsd Netbsd 1.6.1 All All All
Operating System Netbsd Netbsd 1.6.2 All All All
Operating System Netbsd Netbsd 2.0 All All All
Application Openpgp Openpgp 2.6.2 All All All
Application Openpgp Openpgp 2.6.2 All All All
Operating System Oracle Solaris 10 All All All
Operating System Oracle Solaris 11 All All All
Operating System Oracle Solaris 10 All All All
Operating System Oracle Solaris 11 All All All
Operating System Xinuos Openserver 5.0.6 All All All
Operating System Xinuos Openserver 5.0.7 All All All
Operating System Xinuos Openserver 5.0.6 All All All
Operating System Xinuos Openserver 5.0.7 All All All
Operating System Xinuos Unixware 7.1.1 All All All
Operating System Xinuos Unixware 7.1.3 All All All
Operating System Xinuos Unixware 7.1.1 All All All
Operating System Xinuos Unixware 7.1.3 All All All

References

ReferenceSourceLinkTags
US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP CERT www.us-cert.gov Third Party Advisory, US Government Resource
Juniper Networks - 2014-07 Security Bulletin: Junos: Denial of Service in TCP packet processing (CVE-2004-0230) CONFIRM kb.juniper.net Third Party Advisory
'[security bulletin] SSRT4696 rev. 0 HP ProCurve Routing Switches TCP Denial of Service (DoS)' - MARC HP marc.info
Repository / Oval Repository OVAL oval.cisecurity.org
Microsoft Security Bulletin MS05-019 - Critical | Microsoft Docs MS docs.microsoft.com
US-CERT Vulnerability Note VU#415294 CERT-VN www.kb.cert.org Third Party Advisory, US Government Resource
Secunia - Advisories - Cisco IOS TCP Connection Reset Denial of Service Vulnerability SECUNIA secunia.com Permissions Required, Third Party Advisory, VDB Entry
McAfee KnowledgeBase - McAfee Security Bulletin – Network Data Loss Prevention addresses 17 security issues CONFIRM kc.mcafee.com Patch, Third Party Advisory
Repository / Oval Repository OVAL oval.cisecurity.org
Microsoft Security Bulletin MS06-064 - Important | Microsoft Docs MS docs.microsoft.com
SCOSA-2005.3 SCO ftp.sco.com Third Party Advisory
Secunia - Advisories - Juniper Networks Products TCP Connection Reset Denial of Service SECUNIA secunia.com Permissions Required, Third Party Advisory, VDB Entry
Microsoft Windows Multiple IPv6 Denial of Service Vulnerabilities - Advisories - Secunia SECUNIA secunia.com Permissions Required, Third Party Advisory, VDB Entry
Repository / Oval Repository OVAL oval.cisecurity.org
Oracle Critical Patch Update - January 2015 CONFIRM www.oracle.com Patch, Third Party Advisory
Cisco - Networking, Cloud, and Cybersecurity Solutions CISCO www.cisco.com Broken Link
Repository / Oval Repository OVAL oval.cisecurity.org
'Perl code exploting TCP not checking RST ACK.' - MARC BUGTRAQ marc.info
4030 OSVDB www.osvdb.org Broken Link
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com Permissions Required
IBM X-Force Exchange XF exchange.xforce.ibmcloud.com
SCOSA-2005.9 SCO ftp.sco.com Third Party Advisory
SCOSA-2005.14 SCO ftp.sco.com Third Party Advisory
NetBSD-SA2004-006 NETBSD ftp.netbsd.org Third Party Advisory
Repository / Oval Repository OVAL oval.cisecurity.org
Multiple Vendor TCP Sequence Number Approximation Vulnerability BID www.securityfocus.com Exploit, Third Party Advisory, VDB Entry
www.uniras.gov.uk/vuls/2004/236929/index.htm MISC www.uniras.gov.uk Broken Link
SecurityFocus HP www.securityfocus.com
20040403-01-A SGI patches.sgi.com Third Party Advisory
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Vendor Comments And Credit

OrganizationPublishedContributorStatement
Red Hat2006-08-16Mark J CoxThe DHS advisory is a good source of background information about the issue: http://www.us-cert.gov/cas/techalerts/TA04-111A.html It is important to note that the issue described is a known function of TCP. In order to perform a connection reset an attacker would need to know the source and destination ip address and ports as well as being able to guess the sequence number within the window. These requirements seriously reduce the ability to trigger a connection reset on normal TCP connections. The DHS advisory explains that BGP routing is a specific case where being able to trigger a reset is easier than expected as the end points can be easily determined and large window sizes are used. BGP routing is also signficantly affected by having it’s connections terminated. The major BGP peers have recently switched to requiring md5 signatures which mitigates against this attack. The following article from Linux Weekly News also puts the flaw into context and shows why it does not pose a significant threat: http://lwn.net/Articles/81560/ Red Hat does not have any plans for action regarding this issue.
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report