CVE-2004-0230

Name of the Vulnerable Software and Affected Versions Transmission Control Protocol (TCP) (affected versions not specified) FANUC 32i (affected versions not specified) All Cisco products which contain a TCP stack (affected versions not specified) FortiOS (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections. This can be exploited when using a large Window Size, making it easier to guess sequence numbers. The vulnerability can also lead to an IP flood attack, disrupting the TCP/IP stack. Successful exploitation enables an adversary to reset any established TCP connection in a shorter time than previously discussed. Depending on the application, the connection may get automatically re-established, or a user will have to repeat the action. The attack vector is applicable to sessions terminating on a device and does not directly compromise data integrity or confidentiality.

Recommendations For Transmission Control Protocol (TCP), consider restricting the use of large Window Sizes to minimize the risk of exploitation. For FANUC 32i, restrict access to the TCP/IP stack to prevent IP flood attacks until a patch is available. For Cisco products, apply the configuration changes recommended in the Cisco Security Advisory to mitigate the vulnerability. For FortiOS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.