Vulnerability Details CVE-2005-1184
The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.443
EPSS Ranking 97.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://seclists.org/lists/fulldisclosure/2005/Apr/0358.html
- http://seclists.org/lists/fulldisclosure/2005/Apr/0383.html
- http://seclists.org/lists/fulldisclosure/2005/Apr/0385.html
- http://www.securityfocus.com/bid/13215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40502
- http://seclists.org/lists/fulldisclosure/2005/Apr/0358.html
- http://seclists.org/lists/fulldisclosure/2005/Apr/0383.html
- http://seclists.org/lists/fulldisclosure/2005/Apr/0385.html
- http://www.securityfocus.com/bid/13215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40502
Products affected by CVE-2005-1184
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2000:beta3
-
cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit
-
cpe:2.3:o:microsoft:windows_2003_server:enterprise
-
cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit
-
cpe:2.3:o:microsoft:windows_2003_server:r2
-
cpe:2.3:o:microsoft:windows_2003_server:standard
-
cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit
-
cpe:2.3:o:microsoft:windows_2003_server:web
-
cpe:2.3:o:microsoft:windows_98se:-
-
cpe:2.3:o:microsoft:windows_nt:4.0
-
cpe:2.3:o:microsoft:windows_xp:-