CVE-2004-0230
TCP Connection Reset - Remote Denial of Service
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
16
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP.
Most implementations of the Border Gateway Protocol (BGP) rely on the Transmission Control Protocol (TCP) to maintain persistent unauthenticated network sessions. There is a vulnerability in TCP which allows remote attackers to terminate network sessions. Sustained exploitation of this vulnerability could lead to a denial of service condition; in the case of BGP systems, portions of the Internet community may be affected. Routing operations would recover quickly after such attacks ended.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-03-05 First Exploit
- 2004-03-17 CVE Reserved
- 2004-04-22 CVE Published
- 2024-08-08 CVE Updated
- 2025-06-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (40)
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/33202 | 2004-04-28 | |
| https://packetstorm.news/files/id/33182 | 2004-04-25 | |
| https://packetstorm.news/files/id/33185 | 2004-04-28 | |
| https://packetstorm.news/files/id/33171 | 2004-04-23 | |
| https://packetstorm.news/files/id/33243 | 2004-05-04 | |
| https://packetstorm.news/files/id/33153 | 2004-04-22 | |
| https://packetstorm.news/files/id/33174 | 2004-04-24 | |
| https://packetstorm.news/files/id/33172 | 2004-04-23 | |
| https://www.exploit-db.com/exploits/291 | 2004-04-23 | |
| https://www.exploit-db.com/exploits/24030 | 2004-03-05 | |
| https://www.exploit-db.com/exploits/24031 | 2004-04-20 | |
| https://www.exploit-db.com/exploits/24033 | 2004-04-23 | |
| https://www.exploit-db.com/exploits/24032 | 2004-04-20 | |
| https://www.exploit-db.com/exploits/942 | 2005-04-17 | |
| https://www.exploit-db.com/exploits/276 | 2004-04-22 | |
| http://www.securityfocus.com/bid/10183 | 2024-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | 2018-10-19 | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10053 | 2018-10-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | 10 Search vendor "Oracle" for product "Solaris" and version "10" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | 11 Search vendor "Oracle" for product "Solaris" and version "11" | - |
Affected
| ||||||
| Openpgp Search vendor "Openpgp" | Openpgp Search vendor "Openpgp" for product "Openpgp" | 2.6.2 Search vendor "Openpgp" for product "Openpgp" and version "2.6.2" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Network Data Loss Prevention Search vendor "Mcafee" for product "Network Data Loss Prevention" | <= 8.6 Search vendor "Mcafee" for product "Network Data Loss Prevention" and version " <= 8.6" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Network Data Loss Prevention Search vendor "Mcafee" for product "Network Data Loss Prevention" | 9.2.0 Search vendor "Mcafee" for product "Network Data Loss Prevention" and version "9.2.0" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Network Data Loss Prevention Search vendor "Mcafee" for product "Network Data Loss Prevention" | 9.2.1 Search vendor "Mcafee" for product "Network Data Loss Prevention" and version "9.2.1" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Network Data Loss Prevention Search vendor "Mcafee" for product "Network Data Loss Prevention" | 9.2.2 Search vendor "Mcafee" for product "Network Data Loss Prevention" and version "9.2.2" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.5 Search vendor "Netbsd" for product "Netbsd" and version "1.5" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.5.1 Search vendor "Netbsd" for product "Netbsd" and version "1.5.1" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.5.2 Search vendor "Netbsd" for product "Netbsd" and version "1.5.2" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.5.3 Search vendor "Netbsd" for product "Netbsd" and version "1.5.3" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.6 Search vendor "Netbsd" for product "Netbsd" and version "1.6" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.6.1 Search vendor "Netbsd" for product "Netbsd" and version "1.6.1" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 1.6.2 Search vendor "Netbsd" for product "Netbsd" and version "1.6.2" | - |
Affected
| ||||||
| Netbsd Search vendor "Netbsd" | Netbsd Search vendor "Netbsd" for product "Netbsd" | 2.0 Search vendor "Netbsd" for product "Netbsd" and version "2.0" | - |
Affected
| ||||||
| Xinuos Search vendor "Xinuos" | Openserver Search vendor "Xinuos" for product "Openserver" | 5.0.6 Search vendor "Xinuos" for product "Openserver" and version "5.0.6" | - |
Affected
| ||||||
| Xinuos Search vendor "Xinuos" | Openserver Search vendor "Xinuos" for product "Openserver" | 5.0.7 Search vendor "Xinuos" for product "Openserver" and version "5.0.7" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | * | - |
Affected
| ||||||
| Xinuos Search vendor "Xinuos" | Unixware Search vendor "Xinuos" for product "Unixware" | 7.1.1 Search vendor "Xinuos" for product "Unixware" and version "7.1.1" | - |
Affected
| ||||||
| Xinuos Search vendor "Xinuos" | Unixware Search vendor "Xinuos" for product "Unixware" | 7.1.3 Search vendor "Xinuos" for product "Unixware" and version "7.1.3" | - |
Affected
| ||||||