1. Home
  2. Security Advisories
  3. Cisco
  4. CISCO-SA-20040420-TCP-NONIOS

[CISCO-SA-20040420-TCP-NONIOS] TCP Vulnerabilities in Multiple Non-IOS Cisco Products

Severity Medium
CVEs 1
Info References Vulnerabilities

A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, the attack vector does not directly compromise data integrity or confidentiality.

All Cisco products which contain a TCP stack are susceptible to this vulnerability.

This advisory is available at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios"], and it describes this vulnerability as it applies to Cisco products that do not run Cisco IOS® software.

A companion advisory that describes this vulnerability for products that run Cisco IOS software is available at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-ios ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-ios"].

ID
CISCO-SA-20040420-TCP-NONIOS
Severity
medium
URL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios
Published
2004-04-20T21:00:00
(20 years ago)
Modified
2004-04-20T21:00:00
(20 years ago)
Rights
Cisco Systems, Inc.
Other Advisories
Source # ID Name URL
Snort 2523 https://www.snort.org
IPS IP options-Bad Option List http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1000&signatureSubId=0&releaseVersion=S160&softwareVersion=5.1
IPS IP options-Bad Option List http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1000&signatureSubId=0&releaseVersion=S160&softwareVersion=6.0
IPS IP Fragment Missing Initial Fragment http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1204&signatureSubId=0&releaseVersion=S212&softwareVersion=5.1
IPS IP Fragment Missing Initial Fragment http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1204&signatureSubId=0&releaseVersion=S212&softwareVersion=6.0
IPS IP Fragment Too Many Datagrams http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1205&signatureSubId=0&releaseVersion=S212&softwareVersion=5.1
IPS IP Fragment Too Many Datagrams http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1205&signatureSubId=0&releaseVersion=S212&softwareVersion=6.0
IPS IP Fragment Incomplete Datagram http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1208&signatureSubId=0&releaseVersion=S212&softwareVersion=5.1
IPS IP Fragment Incomplete Datagram http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1208&signatureSubId=0&releaseVersion=S212&softwareVersion=6.0
IPS Multiple Vendor TCP Connection Reset Denial of Service http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=20499&signatureSubId=0&releaseVersion=S455&softwareVersion=6.0
IPS ICMP Flood http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=2152&signatureSubId=0&releaseVersion=S572&softwareVersion=6.0
IPS Queso Sweep http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=3045&signatureSubId=0&releaseVersion=S507&softwareVersion=6.0
IPS TCP Connection Window Size RST DoS http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=3051&signatureSubId=0&releaseVersion=S591&softwareVersion=6.0
IPS TCP Connection Window Size RST DoS http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=3051&signatureSubId=1&releaseVersion=S591&softwareVersion=6.0
IPS SYN Flood DOS http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=6009&signatureSubId=0&releaseVersion=S593&softwareVersion=6.0
Cisco CSCuq38097 Cisco Bug ID CSCuq38097 https://bst.cisco.com/quickview/bug/CSCuq38097
Cisco CSAF https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios/csaf/cisco-sa-20040420-tcp-nonios.json
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date