Contents of /retired/CVE-2004-0790

Candidate: CVE-2004-0790
References: 
 MISC:http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt
 MISC:http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
 MISC:http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
 HP:HPSBTU01210
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
 HP:SSRT4743
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
 HP:SSRT4884
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
 MS:MS05-019
 URL:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx
 SUNALERT:57746
 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1
 OVAL:OVAL3458
 URL:http://oval.mitre.org/oval/definitions/data/oval3458.html
 OVAL:OVAL1910
 URL:http://oval.mitre.org/oval/definitions/data/oval1910.html
 OVAL:OVAL4804
 URL:http://oval.mitre.org/oval/definitions/data/oval4804.html
Description: 
 Multiple TCP/IP and ICMP implementations allow remote attackers to cause a
 denial of service (reset TCP connections) via spoofed ICMP error messages, aka
 the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and
 CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065,
 CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that
 are SPLIT based on the underlying vulnerability. While CVE normally SPLITs
 based on vulnerability, the attack-based identifiers exist due to the variety
 and number of affected implementations and solutions that address the attacks
 instead of the underlying vulnerabilities.
Notes: 
Bugs: 305655 305664
upstream: 
linux-2.6: 
2.6.8-sarge-security: released (2.6.8-16) [net-ipv4-icmp-quench.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [164_net-ipv4-icmp-quench.diff]
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: 
2.4.18-woody-security-hppa: 
1	Candidate: CVE-2004-0790
2	References:
3	MISC:http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt
4	MISC:http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
5	MISC:http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
6	HP:HPSBTU01210
7	URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
8	HP:SSRT4743
9	URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
10	HP:SSRT4884
11	URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
12	MS:MS05-019
13	URL:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx
14	SUNALERT:57746
15	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1
16	OVAL:OVAL3458
17	URL:http://oval.mitre.org/oval/definitions/data/oval3458.html
18	OVAL:OVAL1910
19	URL:http://oval.mitre.org/oval/definitions/data/oval1910.html
20	OVAL:OVAL4804
21	URL:http://oval.mitre.org/oval/definitions/data/oval4804.html
22	Description:
23	Multiple TCP/IP and ICMP implementations allow remote attackers to cause a
24	denial of service (reset TCP connections) via spoofed ICMP error messages, aka
25	the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and
26	CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065,
27	CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that
28	are SPLIT based on the underlying vulnerability. While CVE normally SPLITs
29	based on vulnerability, the attack-based identifiers exist due to the variety
30	and number of affected implementations and solutions that address the attacks
31	instead of the underlying vulnerabilities.
32	Notes:
33	Bugs: 305655 305664
34	upstream:
35	linux-2.6:
36	2.6.8-sarge-security: released (2.6.8-16) [net-ipv4-icmp-quench.dpatch]
37	2.4.27-sarge-security: released (2.4.27-10) [164_net-ipv4-icmp-quench.diff]
38	2.4.19-woody-security:
39	2.4.18-woody-security:
40	2.4.17-woody-security:
41	2.4.16-woody-security:
42	2.4.17-woody-security-hppa:
43	2.4.17-woody-security-ia64:
44	2.4.18-woody-security-hppa: