5

CVE-2005-3774

EPSS 35.14%
Veröffentlicht 23.11.2005 00:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 19

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Pix Version6.3

Cisco ≫ Pix Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	35.14%	0.967

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html

Vendor Advisory

http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html

http://secunia.com/advisories/17670

http://securitytracker.com/id?1015256

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html

http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml

http://www.kb.cert.org/vuls/id/853540

US Government Resource

http://www.osvdb.org/24140

http://www.securityfocus.com/archive/1/417458/30/0/threaded

http://www.securityfocus.com/archive/1/426989/100/0/threaded

http://www.securityfocus.com/archive/1/426991/100/0/threaded

http://www.securityfocus.com/archive/1/427041/100/0/threaded

http://www.securityfocus.com/bid/15525

http://www.vupen.com/english/advisories/2005/2546

https://exchange.xforce.ibmcloud.com/vulnerabilities/25077

https://exchange.xforce.ibmcloud.com/vulnerabilities/25079

https://nvd.nist.gov/vuln/detail/CVE-2005-3774

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3774

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3774

EUVD