Test ID:	1.3.6.1.4.1.25623.1.0.902815
Category:	Denial of Service
Title:	TCP Sequence Number Approximation Reset Denial of Service Vulnerability
Summary:	TCP services is prone to a denial of service (DoS) vulnerability.
Description:	Summary: TCP services is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is triggered when spoofed TCP Reset packets are received by the targeted TCP stack and will result in loss of availability for the attacked TCP services. Vulnerability Impact: Successful exploitation will allow remote attackers to guess sequence numbers and cause a denial of service to persistent TCP connections by repeatedly injecting a TCP RST packet. Affected Software/OS: The TCP/IP v4 stack of various products / vendors including: - Microsoft Windows - Cisco - Juniper Networks Junos OS Solution: Please see the referenced advisories for more information on obtaining and applying fixes. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0230 BugTraq ID: 10183 http://www.securityfocus.com/bid/10183 Bugtraq: 20040425 Perl code exploting TCP not checking RST ACK. (Google Search) http://marc.info/?l=bugtraq&m=108302060014745&w=2 Cert/CC Advisory: TA04-111A http://www.us-cert.gov/cas/techalerts/TA04-111A.html CERT/CC vulnerability note: VU#415294 http://www.kb.cert.org/vuls/id/415294 Cisco Security Advisory: 20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml HPdes Security Advisory: HPSBST02161 http://www.securityfocus.com/archive/1/449179/100/0/threaded HPdes Security Advisory: SSRT061264 HPdes Security Advisory: SSRT4696 http://marc.info/?l=bugtraq&m=108506952116653&w=2 http://www.uniras.gov.uk/vuls/2004/236929/index.htm Microsoft Security Bulletin: MS05-019 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019 Microsoft Security Bulletin: MS06-064 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064 NETBSD Security Advisory: NetBSD-SA2004-006 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc http://www.osvdb.org/4030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711 SCO Security Bulletin: SCOSA-2005.14 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt SCO Security Bulletin: SCOSA-2005.3 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt SCO Security Bulletin: SCOSA-2005.9 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt http://secunia.com/advisories/11440 http://secunia.com/advisories/11458 http://secunia.com/advisories/22341 SGI Security Advisory: 20040403-01-A ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc http://www.vupen.com/english/advisories/2006/3983 XForce ISS Database: tcp-rst-dos(15886) https://exchange.xforce.ibmcloud.com/vulnerabilities/15886
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.