Rapid7 Vulnerability & Exploit Database

TCP Sequence Number Approximation Vulnerability

Back to Search

TCP Sequence Number Approximation Vulnerability

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
04/21/2004
Created
07/25/2018
Added
01/25/2010
Modified
03/21/2018

Description

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Solution(s)

  • enable-tcp-md5-sigs
  • WINDOWS-HOTFIX-MS05-019-cb2d076c-7acf-446e-8777-c48aa3833a3b
  • WINDOWS-HOTFIX-MS05-019-fd05d949-cfb2-4cd4-bf08-24a433e1b162
  • WINDOWS-HOTFIX-MS05-019-4324ac78-fdb4-42de-bedf-769a40627897
  • WINDOWS-HOTFIX-MS06-064-f12451f5-3f5d-46dc-9718-ecbc7bb6304f
  • WINDOWS-HOTFIX-MS06-064-f8de3f26-76db-4cb0-8c38-6bb64630e14b
  • WINDOWS-HOTFIX-MS06-064-934591d7-a0f0-4600-9045-15fc0fd578cc
  • WINDOWS-HOTFIX-MS06-064-64fc082f-f085-4604-a783-0f4a865d3aa6
  • WINDOWS-HOTFIX-MS06-064-a1d1b486-0c12-4ce6-8162-fc9b26acd757
  • fix-affected-devices-in-route

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;