Denial of Service Vulnerability in Multiple TCP Implementations by Various Vendors
CVE-2005-0356

Currently unrated

Key Information:

Vendor

Cisco
Status
Secure Access Control Server
Mgx 8230
Mgx 8250
Personal Assistant
Vendor
CVE Published:
31 May 2005

What is CVE-2005-0356?

Multiple TCP implementations with the Protection Against Wrapped Sequence Numbers (PAWS) feature enabled have a vulnerability that allows remote attackers to execute a denial of service attack. By sending a spoofed packet containing a large timestamp value, an attacker can trick the target system into dropping legitimate packets, perceiving them as outdated. This can result in connection loss, severely disrupting network services and stability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/20635
vdb-entryx_refsource_XF
http://secunia.com/advisories/15393
third-party-advisoryx_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/637934
third-party-advisoryx_refsource_CERT-VN

EPSS Score

79% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.