CVE-2004-0230

Publication date 18 August 2004

Last updated 24 July 2024

Ubuntu priority

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
quagga	7.04 feisty	Fixed 0.99.6-2ubuntu3.2
	6.10 edgy	Fixed 0.99.4-4ubuntu1.2
	6.06 LTS dapper	Fixed 0.99.2-1ubuntu3.3

How can I get the fixes?
What do statuses mean?

Notes

kees

this does not really affect the Linux TCP stack in any meaningful way. http://lkml.org/lkml/2004/4/21/125 http://lkml.org/lkml/2004/6/25/196

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0230