Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2005-0067 | First vendor Publication | 2004-12-22 |
| Vendor | Cve | Last vendor Modification | 2008-09-05 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0067 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 15622 | Multiple Vendor TCP Implementation Port Randomization Weakness Multiple TCP implementations contains a flaw that may allow a remote attacker to forge ICMP error messages. The problem is that port numbers are not assigned randomly, which may allow a remote attacker to forge ICMP error messages resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-05-08 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL23440942.nasl - Type : ACT_GATHER_INFO |
| 2010-09-01 | Name : The remote device is missing a vendor-supplied security patch File : cisco-sa-20050412-icmp.nasl - Type : ACT_GATHER_INFO |
| 2005-04-12 | Name : Arbitrary code can be executed on the remote host due to a flaw in the TCP/IP... File : smb_nt_ms05-019.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
| Source | Url |
|---|---|
| BID | http://www.securityfocus.com/bid/13124 |
| MISC | http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html |
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:02:43 |
|
| 2021-04-22 01:02:55 |
|
| 2020-05-23 00:16:16 |
|
| 2017-05-09 13:20:53 |
|
| 2014-02-17 10:29:41 |
|
| 2013-05-11 11:19:45 |
|
