CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2005-3675
https://notcve.org/view.php?id=CVE-2005-3675
18 Nov 2005 — The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth. • http://www.cs.umd.edu/~capveg/optack/optack-extended.pdf •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0065
https://notcve.org/view.php?id=CVE-2005-0065
19 Jan 2005 — The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source ... • http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0066
https://notcve.org/view.php?id=CVE-2005-0066
22 Dec 2004 — The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throu... • http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0067
https://notcve.org/view.php?id=CVE-2005-0067
22 Dec 2004 — The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to... • http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0068
https://notcve.org/view.php?id=CVE-2005-0068
22 Dec 2004 — The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced... • http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html •
CVSS: 7.5EPSS: 59%CPEs: 2EXPL: 2CVE-2004-1060 – Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service
https://notcve.org/view.php?id=CVE-2004-1060
12 Apr 2004 — Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related iden... • https://www.exploit-db.com/exploits/25388 •