CVE-2005-0068 in TCPinfo

Summary

The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/13/2005

Disclosure

12/22/2004

Moderation

VulDB entry created

Entries

1: VDB-22569

CPE

ready

CWE

CWE-404 (Confirmed)

Exploit

Download

CVSS

5.3

EPSS

0.01374

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-0068
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-0068
CVE Details	https://www.cvedetails.com/cve/CVE-2005-0068/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!