Lucene search

K
ubuntucveUbuntu.comUB:CVE-2004-0230
HistoryAug 18, 2004 - 12:00 a.m.

CVE-2004-0230

2004-08-1800:00:00
ubuntu.com
ubuntu.com
88

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

65.5%

TCP, when using a large Window Size, makes it easier for remote attackers
to guess sequence numbers and cause a denial of service (connection loss)
to persistent TCP connections by repeatedly injecting a TCP RST packet,
especially in protocols that use long-lived connections, such as BGP.

Notes

Author Note
kees this does not really affect the Linux TCP stack in any meaningful way. http://lkml.org/lkml/2004/4/21/125 http://lkml.org/lkml/2004/6/25/196
OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchquagga< 0.99.2-1ubuntu3.3UNKNOWN
ubuntu6.10noarchquagga< 0.99.4-4ubuntu1.2UNKNOWN
ubuntu7.04noarchquagga< 0.99.6-2ubuntu3.2UNKNOWN
ubuntu7.10noarchquagga< 0.99.9-1ubuntu1UNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

65.5%