TCP Sequence Number Approximation Vulnerability
5
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
04/21/2004
07/25/2018
01/25/2010
03/21/2018
Description
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
Solution(s)
- enable-tcp-md5-sigs
- WINDOWS-HOTFIX-MS05-019-cb2d076c-7acf-446e-8777-c48aa3833a3b
- WINDOWS-HOTFIX-MS05-019-fd05d949-cfb2-4cd4-bf08-24a433e1b162
- WINDOWS-HOTFIX-MS05-019-4324ac78-fdb4-42de-bedf-769a40627897
- WINDOWS-HOTFIX-MS06-064-f12451f5-3f5d-46dc-9718-ecbc7bb6304f
- WINDOWS-HOTFIX-MS06-064-f8de3f26-76db-4cb0-8c38-6bb64630e14b
- WINDOWS-HOTFIX-MS06-064-934591d7-a0f0-4600-9045-15fc0fd578cc
- WINDOWS-HOTFIX-MS06-064-64fc082f-f085-4604-a783-0f4a865d3aa6
- WINDOWS-HOTFIX-MS06-064-a1d1b486-0c12-4ce6-8162-fc9b26acd757
- fix-affected-devices-in-route
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center