CVE-2005-0066

Опубликовано: 22 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers

Ссылки

http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
Vendor Advisory
http://www.securityfocus.com/bid/13124
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
Vendor Advisory
http://www.securityfocus.com/bid/13124

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tcp:tcp:*:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01228

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2005-0066

debian

больше 20 лет назад

The original design of TCP does not check that the TCP Acknowledgement ...

GHSA-4v46-4mj5-q2x2

github

больше 3 лет назад