CVSS: 5.0EPSS: 96%CPEs: 14EXPL: 3CVE-2004-0790 – Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)
https://notcve.org/view.php?id=CVE-2004-0790
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. • https://www.exploit-db.com/exploits/948 https://www.exploit-db.com/exploits/25389 https://www.exploit-db.com/exploits/942 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt http://marc.info/?l=bugtraq&m=112861397904255&w=2 http://secunia.com/advisories/18317 http://secunia.com/advisories/22341 http://securityreason.com/securityalert/19 http://securityreason.com/securityalert/57 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1 htt •
CVSS: 5.0EPSS: 60%CPEs: 4EXPL: 1CVE-2004-0791 – Multiple Vendor ICMP Implementation - Spoofed Source Quench Packet Denial of Service
https://notcve.org/view.php?id=CVE-2004-0791
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. • https://www.exploit-db.com/exploits/25387 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.4/SCOSA-2006.4.txt http://marc.info/?l=bugtraq&m=112861397904255&w=2 http://secunia.com/advisories/18317 http://securityreason.com/securityalert/19 http://securityreason.com/securityalert/57 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101658-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1 http://www.gont.com.ar/drafts/icmp-attacks-against-tcp. •
CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0CVE-2005-0109
https://notcve.org/view.php?id=CVE-2005-0109
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://securitytracker.com/id?1013967 http://sunsolve.sun.com/search/document.do? •
CVSS: 7.5EPSS: 4%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •
CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 8CVE-2004-0230 – TCP Connection Reset - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP. • https://www.exploit-db.com/exploits/291 https://www.exploit-db.com/exploits/24030 https://www.exploit-db.com/exploits/24031 https://www.exploit-db.com/exploits/24033 https://www.exploit-db.com/exploits/24032 https://www.exploit-db.com/exploits/942 https://www.exploit-db.com/exploits/276 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt ftp://ftp.sco.com/ •