TCP/IP Sequence Prediction Blind Reset Spoofing DoS

This script is (C) 2004-2016 Tenable Network Security, Inc.


Synopsis :

It was possible to send spoofed RST packets to the remote system.

Description :

The remote host is affected by a sequence number approximation
vulnerability that allows an attacker to send spoofed RST packets to
the remote host and close established connections. This may cause
problems for some dedicated services (BGP, a VPN over TCP, etc.).

See also :

https://downloads.avaya.com/elmodocs2/security/ASA-2006-217.htm
http://www.kb.cert.org/vuls/id/JARL-5ZQR4D
http://www-01.ibm.com/support/docview.wss?uid=isg1IY55949
http://www-01.ibm.com/support/docview.wss?uid=isg1IY55950
http://www-01.ibm.com/support/docview.wss?uid=isg1IY62006
http://www.juniper.net/support/security/alerts/niscc-236929.txt
http://technet.microsoft.com/en-us/security/bulletin/ms05-019
http://technet.microsoft.com/en-us/security/bulletin/ms06-064
http://www.kb.cert.org/vuls/id/JARL-5YGQ9G
http://www.kb.cert.org/vuls/id/JARL-5ZQR7H
http://www.kb.cert.org/vuls/id/JARL-5YGQAJ
http://www.nessus.org/u?cf64c2ca
http://isc.sans.edu/diary.html?date=2004-04-20

Solution :

Contact the vendor for a patch or mitigation advice.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.5
(CVSS2#E:POC/RL:ND/RC:C)
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 12213

Bugtraq ID: 10183

CVE ID: CVE-2004-0230
