Denial of Service Vulnerability in TCP/IP Implementations by Various Vendors
CVE-2004-0790

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Xp
Sunos
Windows 98se
Solaris
Vendor
CVE Published:
12 April 2005

What is CVE-2004-0790?

Multiple TCP/IP and ICMP implementations are susceptible to a denial of service attack whereby remote attackers can terminate TCP connections using spoofed ICMP error messages. This exploit, commonly known as the 'blind connection-reset attack', poses a risk to stability and availability across various systems relying on these networking protocols. The attack vector exploits weaknesses in network handling, allowing unauthorized disruptions, particularly affecting applications reliant on persistent connections. Addressing this vulnerability is crucial for maintaining robust network performance and security.

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/bid/13124
vdb-entryx_refsource_BID

EPSS Score

79% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.