What is CVE-2004-0230?

CVE-2004-0230 is a vulnerability in N/a. Published 2004-05-05.

Is CVE-2004-0230 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in proto…

EPSS: 0.809 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

oval:org.mitre.oval:def:2689 (signature, x_refsource_OVAL, vdb-entry)
oval:org.mitre.oval:def:3508 (signature, x_refsource_OVAL, vdb-entry)
TA04-111A (x_refsource_CERT, third-party-advisory)
oval:org.mitre.oval:def:5711 (signature, x_refsource_OVAL, vdb-entry)
20040425 Perl code exploting TCP not checking RST ACK. (mailing-list, x_refsource_BUGTRAQ)
SSRT061264 (x_refsource_HP, vendor-advisory)
www.uniras.gov.uk/vuls/2004/236929/index.htm (x_refsource_MISC)
MS06-064 (x_refsource_MS, vendor-advisory)
11440 (x_refsource_SECUNIA, third-party-advisory)
kb.juniper.net/JSA10638 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2004-0230?: CVE-2004-0230 is a vulnerability in N/a. Published 2004-05-05.
Is CVE-2004-0230 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.