CVE-2005-3774 - OpenCVE

Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Pix

Configuration 1 [-]

OR	cpe:2.3:h:cisco:pix:6.3:::::::*
	cpe:2.3:h:cisco:pix:7.0:::::::*

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html	Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html
http://secunia.com/advisories/17670
http://securitytracker.com/id?1015256
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html
http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml
http://www.kb.cert.org/vuls/id/853540	US Government Resource
http://www.osvdb.org/24140
http://www.securityfocus.com/archive/1/417458/30/0/threaded
http://www.securityfocus.com/archive/1/426989/100/0/threaded
http://www.securityfocus.com/archive/1/426991/100/0/threaded
http://www.securityfocus.com/archive/1/427041/100/0/threaded
http://www.securityfocus.com/bid/15525
http://www.vupen.com/english/advisories/2005/2546
https://exchange.xforce.ibmcloud.com/vulnerabilities/25077
https://exchange.xforce.ibmcloud.com/vulnerabilities/25079

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-11-23T00:00:00

Updated: 2018-10-19T14:57:01

Reserved: 2005-11-22T00:00:00

Link: CVE-2005-3774

JSON object: View

NVD Information

Status : Modified

Published: 2005-11-23T00:03:00.000

Modified: 2018-10-19T15:39:04.887

Link: CVE-2005-3774

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-11-22T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1015256", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015256"}, {"name": "cisco-pix-ttl-dos(25079)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}, {"name": "cisco-pix-tcp-data-field-dos(25077)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"name": "24140", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/24140"}, {"name": "15525", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/15525"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"name": "20060307 Cisco PIX embryonic state machine 1b data DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"name": "20051128 Response to Cisco PIX TCP Connection Prevention", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"name": "VU#853540", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/853540"}, {"name": "17670", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17670"}, {"name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"name": "ADV-2005-2546", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3774", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1015256", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015256"}, {"name": "cisco-pix-ttl-dos(25079)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}, {"name": "cisco-pix-tcp-data-field-dos(25077)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"name": "24140", "refsource": "OSVDB", "url": "http://www.osvdb.org/24140"}, {"name": "15525", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15525"}, {"name": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html", "refsource": "CONFIRM", "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"name": "20060307 Cisco PIX embryonic state machine 1b data DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"name": "20051128 Response to Cisco PIX TCP Connection Prevention", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"name": "VU#853540", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/853540"}, {"name": "17670", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17670"}, {"name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"name": "ADV-2005-2546", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3774", "datePublished": "2005-11-23T00:00:00", "dateReserved": "2005-11-22T00:00:00", "dateUpdated": "2018-10-19T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:pix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B10C3812-2BA0-4DE3-8793-8F89AD342E30", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."}], "id": "CVE-2005-3774", "lastModified": "2018-10-19T15:39:04.887", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-11-23T00:03:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/17670"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015256"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/853540"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/24140"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15525"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}