Published: 31/05/2005 Updated: 30/04/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote malicious users to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco interactive voice response
cisco ip contact center enterprise
cisco personal assistant 1.4\\(2\\)
cisco emergency responder 1.1
cisco intelligent contact manager 5.0
cisco personal assistant 1.3\\(3\\)
cisco personal assistant 1.3\\(4\\)
cisco personal assistant 1.4\\(1\\)
cisco secure access control server 2.3
cisco secure access control server 2.6
cisco secure access control server 3.0
cisco secure access control server 3.2\\(1.20\\)
cisco secure access control server 3.2\\(2\\)
cisco agent desktop
cisco e-mail manager
cisco personal assistant 1.3\\(1\\)
cisco personal assistant 1.3\\(2\\)
cisco secure access control server 2.3.5.1
cisco secure access control server 2.3.6.1
cisco secure access control server 2.6.3
cisco secure access control server 2.6.4
cisco secure access control server 3.1.1
cisco secure access control server 3.2
cisco ip contact center express
cisco meetingplace
cisco secure access control server 2.0
cisco secure access control server 2.1
cisco secure access control server 2.5
cisco secure access control server 2.6.2
cisco secure access control server 3.1
cisco secure access control server 3.2.2
cisco secure access control server 3.2\\(1\\)
cisco secure access control server 3.3
cisco secure access control server 3.3\\(1\\)
cisco web collaboration option
hitachi alaxala ax
cisco call manager 3.2
cisco call manager 3.3
cisco call manager 3.3\\(3\\)
cisco unity server 2.46
cisco unity server 3.0
cisco mgx 8250 1.2.10
cisco mgx 8250 1.2.11
cisco remote monitoring suite option
cisco secure access control server 2.4
cisco secure access control server 2.42
cisco secure access control server 3.0.1
cisco secure access control server 3.0.3
cisco secure access control server 3.2\\(3\\)
cisco secure access control server 3.2.1
cisco call manager 3.0
cisco call manager 3.1
cisco unity server 2.1
cisco unity server 2.2
cisco unity server 3.3
cisco unity server 4.0
cisco support tools
cisco call manager 3.1\\(2\\)
cisco call manager 3.1\\(3a\\)
cisco unity server 2.3
cisco unity server 2.4
cisco mgx 8230 1.2.10
cisco mgx 8230 1.2.11
cisco secure access control server 3.3.1
cisco secure access control server 3.3.2
cisco call manager 1.0
cisco call manager 2.0
cisco call manager 4.0
cisco unity server 2.0
cisco unity server 3.1
cisco unity server 3.2
cisco ciscoworks_common_services 2.2
cisco ciscoworks_lms 1.3
nortel callpilot 201i
nortel callpilot 702t
cisco content_services_switch_11501
cisco content_services_switch_11503
nortel optical_metro_5000
nortel optical_metro_5100
cisco ciscoworks_1105_wireless_lan_solution_engine
cisco ciscoworks_cd1 1st
cisco conference_connection 1.2
cisco webns 7.10_\\(05.07\\)s
freebsd freebsd 2.1.0
freebsd freebsd 2.1.5
freebsd freebsd 2.2.4
freebsd freebsd 2.2.5
freebsd freebsd 3.3
freebsd freebsd 3.4
freebsd freebsd 3.5
freebsd freebsd 4.0
freebsd freebsd 4.1
freebsd freebsd 4.10
freebsd freebsd 4.11
freebsd freebsd 4.3
freebsd freebsd 4.5
freebsd freebsd 4.6
freebsd freebsd 4.7
freebsd freebsd 4.8
freebsd freebsd 4.9
freebsd freebsd 5.1
freebsd freebsd 5.3
microsoft windows_2000
microsoft windows_2003_server enterprise
microsoft windows_xp
openbsd openbsd 3.0
cisco ciscoworks_access_control_list_manager 1.5
cisco ciscoworks_access_control_list_manager 1.6
nortel business_communications_manager 1000
nortel business_communications_manager 200
cisco content_services_switch_11000
cisco content_services_switch_11050
nortel 7220_wlan_access_point
nortel 7250_wlan_access_point
nortel ethernet_routing_switch_1612
nortel survivable_remote_gateway 1.0
nortel universal_signaling_point 5200
cisco ciscoworks_cd1 4th
cisco ciscoworks_cd1 5th
cisco webns 7.30_\\(00.09\\)s
freebsd freebsd 1.1.5.1
freebsd freebsd 2.1.7.1
freebsd freebsd 2.2
freebsd freebsd 3.0
freebsd freebsd 3.5.1
freebsd freebsd 4.1.1
freebsd freebsd 4.2
freebsd freebsd 4.4
freebsd freebsd 4.6.2
freebsd freebsd 5.0
freebsd freebsd 5.2
freebsd freebsd 5.4
microsoft windows_2003_server standard
microsoft windows_2003_server standard_64-bit
openbsd openbsd 3.3
openbsd openbsd 3.4
cisco ciscoworks_common_management_foundation 2.0
cisco ciscoworks_common_management_foundation 2.1
cisco ciscoworks_common_management_foundation 2.2
nortel business_communications_manager 400
nortel callpilot 200i
cisco content_services_switch_11150
cisco content_services_switch_11500
nortel ethernet_routing_switch_1624
nortel ethernet_routing_switch_1648
nortel universal_signaling_point compact_lite
cisco ciscoworks_1105_hosting_solution_engine
cisco ciscoworks_windows_wug
cisco conference_connection 1.1\\(1\\)
freebsd freebsd 2.0
freebsd freebsd 2.0.5
freebsd freebsd 2.2.2
freebsd freebsd 2.2.3
freebsd freebsd 3.1
freebsd freebsd 3.2
freebsd freebsd 5.2.1
microsoft windows_2003_server web
openbsd openbsd 3.5
openbsd openbsd 3.6
cisco ciscoworks_vpn_security_management_solution
cisco ciscoworks_windows
nortel callpilot 703t
nortel contact_center
cisco content_services_switch_11506
cisco content_services_switch_11800
nortel optical_metro_5200
nortel succession_communication_server_1000
cisco ciscoworks_cd1 2nd
cisco ciscoworks_cd1 3rd
cisco webns 7.20_\\(03.09\\)s
cisco webns 7.20_\\(03.10\\)s
cisco webns 7.30_\\(00.08\\)s
freebsd freebsd 2.1.6
freebsd freebsd 2.1.6.1
freebsd freebsd 2.2.6
freebsd freebsd 2.2.8
microsoft windows_2003_server enterprise_64-bit
microsoft windows_2003_server r2
openbsd openbsd 3.1
openbsd openbsd 3.2
alaxala alaxala_networks ax5400s
alaxala alaxala_networks ax7800r
alaxala alaxala_networks ax7800s
f5 tmos 4.5
f5 tmos 4.5.10
f5 tmos 9.0
f5 tmos 9.0.1
cisco sn 5420 storage router
hitachi gr3000
hitachi gr4000
yamaha rtx1000
yamaha rtx1100
cisco sn 5420 storage router firmware 1.1\\(7\\)
cisco sn 5420 storage router firmware 1.1.3
f5 tmos 4.0
f5 tmos 4.2
f5 tmos 4.5.6
f5 tmos 4.5.9
f5 tmos 9.0.4
f5 tmos 9.0.5
yamaha rt250i
yamaha rt300i
cisco sn 5420 storage router firmware 1.1\\(2\\)
cisco sn 5420 storage router firmware 1.1\\(3\\)
cisco sn 5428 storage router 2.5.1-k9
cisco sn 5428 storage router 3.2.1-k9
f5 tmos 4.3
f5 tmos 4.4
f5 tmos 4.6
f5 tmos 4.6.2
cisco aironet ap1200
cisco aironet ap350
yamaha rt57i
yamaha rtv700
cisco sn 5420 storage router firmware 1.1\\(4\\)
cisco sn 5420 storage router firmware 1.1\\(5\\)
cisco sn 5428 storage router 3.2.2-k9
cisco sn 5428 storage router 3.3.1-k9
cisco sn 5428 storage router 3.3.2-k9
f5 tmos 4.5.11
f5 tmos 4.5.12
f5 tmos 9.0.2
f5 tmos 9.0.3
hitachi gs4000
yamaha rt105
yamaha rtx1500
yamaha rtx2000
cisco sn 5428 storage router 2-3.3.1-k9
cisco sn 5428 storage router 2-3.3.2-k9

/* * TCP does not adequately validate segments before updating timestamp value * wwwkbcertorg/vuls/id/637934 * * RFC-1323 (TCP Extensions for High Performance) * * 421 defines how the PAWS algorithm should drop packets with invalid * timestamp options: * * R1) If there is a Timestamps option in the arriving segment * and SEGTSval < ...

NVD-CWE-Other http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http://www.kb.cert.org/vuls/id/637934 http://www.securityfocus.com/bid/13676 http://secunia.com/advisories/15417/http://secunia.com/advisories/15393 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/18222 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://secunia.com/advisories/18662 https://exchange.xforce.ibmcloud.com/vulnerabilities/20635 https://nvd.nist.gov https://www.exploit-db.com/exploits/1008/https://www.kb.cert.org/vuls/id/637934

Get Started

CVE-2005-0356

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect