Showing 1 - 3 of 3

CVE-2004-1060

Status Candidate

Overview

Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

Related Files

SSRT4884.txt: Posted Jul 20, 2005; Site hp.com; HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS).; tags | advisory, denial of service, tcp; systems | hpux; advisories | CVE-2004-0790, CVE-2004-0791, CVE-2004-1060; SHA-256 | d3ad738901245351489ee595ede2209584fbee234fa9e6dc678b1e3a67a059ba; Download | Favorite | View

SSRT4743-SSRT4884.txt: Posted Jul 19, 2005; Site hp.com; HP Security Bulletin - Several potential security vulnerabilities have been identified in the HP Tru64 UNIX TCP/IP including ICMP, and Initial Sequence Number generation (ISNs). These exploits could result in a remote Denial of Service (DoS) from network throughput reduction for TCP connections, the reset of TCP connections, or TCP spoofing.; tags | advisory, remote, denial of service, spoof, tcp, vulnerability; systems | unix; advisories | CVE-2004-0790, CVE-2004-0791, CVE-2004-1060, CVE-2001-0328; SHA-256 | 01a1698e6f50bc4fca3b4bc2715a0243f19bbd00ef5697812b929253e98f823b; Download | Favorite | View

HOD-icmp-attacks-poc.c: Posted Jun 1, 2005; Authored by houseofdabus; A denial of service vulnerability exists that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections, reduce the throughput in existing TCP connections, or consume large amounts of CPU and memory resources. This exploit affects various Cisco, AIX, and Windows versions.; tags | exploit, denial of service, tcp, protocol; systems | cisco, windows, aix; advisories | CVE-2004-0790, CVE-2004-0791, CVE-2004-1060; SHA-256 | c38bf63263b456c9b7c004c4c24fa3d01dfd91eac3ac084536fbdffe4d081a45; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 84 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

CVE-2004-1060

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems