CVE-2005-4316
Description
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*
- (no CPE) range: B.11.00, B.11.04, B.11.11, B.11.23
Patches
Vulnerability mechanics
Root cause
"The TCP stack has inefficiencies when handling fragmented IP packets."
Attack vector
A remote attacker can send a series of small IP fragments that do not form a complete packet. By repeatedly sending the last IP fragment, the attacker forces the reassembly code to perform frequent free() and malloc() operations. This process can lead to a denial of service condition on the affected system [ref_id=1].
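From the defender's side, the pattern described above (a datagram that never completes while its final fragment keeps arriving) can be flagged from fragment metadata. The sketch below is an added example, not code from the advisory or its references; the record layout, the `repeat_threshold` value, the function names and the sample records are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records (not captured traffic), one per IP fragment:
# (src, dst, proto, ip_id, frag_offset_bytes, payload_len, more_fragments)
SAMPLE = [
    # Benign: a 3480-byte datagram split into three fragments, complete.
    ("203.0.113.5", "192.0.2.10", 17, 77, 0, 1480, True),
    ("203.0.113.5", "192.0.2.10", 17, 77, 1480, 1480, True),
    ("203.0.113.5", "192.0.2.10", 17, 77, 2960, 520, False),
    # Benign: middle fragment lost once; final fragment seen a single time.
    ("203.0.113.9", "192.0.2.10", 17, 9, 0, 1480, True),
    ("203.0.113.9", "192.0.2.10", 17, 9, 2960, 520, False),
    # Suspicious: tiny first fragment, then the final fragment repeated.
    ("198.51.100.7", "192.0.2.10", 17, 0x1234, 0, 32, True),
] + [("198.51.100.7", "192.0.2.10", 17, 0x1234, 64800, 32, False)] * 4


def covers(ranges, total):
    """True if the byte ranges cover [0, total) with no hole."""
    end = 0
    for lo, hi in sorted(ranges):
        if lo > end:          # gap before this fragment starts
            return False
        end = max(end, hi)
    return end >= total


def find_incomplete_fragment_sets(records, repeat_threshold=3):
    """Return reassembly keys whose final fragment was seen at least
    repeat_threshold times while the datagram still has holes."""
    state = defaultdict(lambda: {"ranges": [], "total": None, "finals": 0})
    for src, dst, proto, ip_id, off, length, more in records:
        s = state[(src, dst, proto, ip_id)]   # RFC 791 reassembly key
        s["ranges"].append((off, off + length))
        if not more:                          # MF=0 marks the last fragment
            s["total"] = off + length
            s["finals"] += 1
    return [
        key for key, s in state.items()
        if s["total"] is not None
        and s["finals"] >= repeat_threshold
        and not covers(s["ranges"], s["total"])
    ]


if __name__ == "__main__":
    for key in find_incomplete_fragment_sets(SAMPLE):
        print("incomplete datagram with repeated final fragment:", key)
```

A real deployment would also expire state on a timer, as the reassembly queue itself does, so that the tracker is not a memory sink in its own right.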
Affected code
The vulnerability lies within the TCP stack's handling of fragmented IP packets. The provided exploit code demonstrates how to craft and send these fragments to trigger the issue [ref_id=1].
What the fix does
The advisory does not specify a patch or a fix. It indicates that the vulnerability is present in multiple vendor implementations of the TCP stack, including Microsoft Windows 2000/XP, Linux kernel 2.4, and undisclosed Cisco systems. Users are advised to consult their respective vendors for remediation guidance.
Preconditions
- network: The attacker must be able to send network packets to the target system.
Reproduction
The provided reference includes C code that can be compiled and executed to reproduce the denial of service condition by targeting a specific victim IP address [ref_id=1].
Generated on Jun 5, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- secunia.com/advisories/18082/ (nvd; Patch, Vendor Advisory)
- securitytracker.com/id (nvd; Patch)
- secunia.com/advisories/19086 (nvd)
- support.avaya.com/elmodocs2/security/ASA-2006-062.htm (nvd)
- www.securityfocus.com/archive/1/376490 (nvd)
- www.securityfocus.com/archive/1/419594/100/0/threaded (nvd)
- www.securityfocus.com/bid/11258 (nvd)
- www.vupen.com/english/advisories/2005/2945 (nvd)
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5760 (nvd)