TCP
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1060 | 0.09 | — | 0.75 | Apr 12, 2004 | Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low… | |||
| CVE-2005-0068 | 0.04 | — | 0.54 | Dec 22, 2004 | The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset… | |||
| CVE-2005-0066 | 0.01 | — | 0.11 | Dec 22, 2004 | The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes… | |||
| CVE-2005-0067 | 0.01 | — | 0.13 | Dec 22, 2004 | The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind… | |||
| CVE-2005-3675 | 0.00 | — | 0.02 | Nov 18, 2005 | The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills… | |||
| CVE-2005-0065 | 0.00 | — | 0.02 | May 2, 2005 | The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error… |
- CVE-2004-1060Apr 12, 2004risk 0.09cvss —epss 0.75
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low…
- CVE-2005-0068Dec 22, 2004risk 0.04cvss —epss 0.54
The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset…
- CVE-2005-0066Dec 22, 2004risk 0.01cvss —epss 0.11
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes…
- CVE-2005-0067Dec 22, 2004risk 0.01cvss —epss 0.13
The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind…
- CVE-2005-3675Nov 18, 2005risk 0.00cvss —epss 0.02
The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills…
- CVE-2005-0065May 2, 2005risk 0.00cvss —epss 0.02
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error…