CVE-2004-0230

Name: CVE-2004-0230
Creator: NVD / NIST
Published: 2004-08-18T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 80.86%

Last modified Jun 16, 2026

CVE-2004-0230 is a vulnerability of currently unknown severity. TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.. EPSS estimates a 80.86% chance of exploitation in the next 30 days.

Description

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Metrics

EPSS Probability

80.86%

99.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions	Update
Juniper	Junos	< 11.4	—
Juniper	Junos	11.4	—
Juniper	Junos	11.4r13	S2
Juniper	Junos	11.4x27	—
Juniper	Junos	12.1	—
Juniper	Junos	12.1r	—
Juniper	Junos	12.1x44	—
Juniper	Junos	12.1x45	—
Juniper	Junos	12.1x46	—
Juniper	Junos	12.1x47	—
Juniper	Junos	12.2	—
Juniper	Junos	12.3	—
Juniper	Junos	13.1	—
Juniper	Junos	13.2	—
Juniper	Junos	13.3	—
Microsoft	Windows 2000	All versions	Sp3
Microsoft	Windows 98	All versions	—
Microsoft	Windows 98se	All versions	—
Microsoft	Windows Server 2003	All versions	—
Microsoft	Windows Xp	All versions	—
Oracle	Solaris	10	—
Oracle	Solaris	11	—
Openpgp	Openpgp	2.6.2	—
Mcafee	Network Data Loss Prevention	<= 8.6	—
Mcafee	Network Data Loss Prevention	9.2.0	—
Mcafee	Network Data Loss Prevention	9.2.1	—
Mcafee	Network Data Loss Prevention	9.2.2	—
Netbsd	Netbsd	1.5	—
Netbsd	Netbsd	1.5.1	—
Netbsd	Netbsd	1.5.2	—
Netbsd	Netbsd	1.5.3	—
Netbsd	Netbsd	1.6	—
Netbsd	Netbsd	1.6.1	—
Netbsd	Netbsd	1.6.2	—
Netbsd	Netbsd	2.0	—
Xinuos	Openserver	5.0.6	—
Xinuos	Openserver	5.0.7	—
Xinuos	Unixware	7.1.1	—
Xinuos	Unixware	7.1.3	—

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.ascBroken Link, Third Party Advisory
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txtBroken Link, Third Party Advisory
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtBroken Link, Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txtBroken Link, Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.ascBroken Link, Third Party Advisory
http://kb.juniper.net/JSA10638Third Party Advisory
http://marc.info/?l=bugtraq&m=108302060014745&w=2Mailing List
http://marc.info/?l=bugtraq&m=108506952116653&w=2Mailing List
http://secunia.com/advisories/11440Broken Link, Permissions Required, Third Party Advisory, VDB Entry
http://secunia.com/advisories/11458Broken Link, Permissions Required, Third Party Advisory, VDB Entry
http://secunia.com/advisories/22341Broken Link, Permissions Required, Third Party Advisory, VDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtmlBroken Link
http://www.kb.cert.org/vuls/id/415294Third Party Advisory, US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatch, Third Party Advisory
http://www.osvdb.org/4030Broken Link
http://www.securityfocus.com/archive/1/449179/100/0/threadedBroken Link
http://www.securityfocus.com/bid/10183Exploit, Third Party Advisory, VDB Entry
http://www.uniras.gov.uk/vuls/2004/236929/index.htmBroken Link
http://www.us-cert.gov/cas/techalerts/TA04-111A.htmlThird Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2006/3983Broken Link, Permissions Required
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10053Broken Link, Patch, Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711Broken Link
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.ascBroken Link, Third Party Advisory
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txtBroken Link, Third Party Advisory
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txtBroken Link, Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txtBroken Link, Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.ascBroken Link, Third Party Advisory
http://kb.juniper.net/JSA10638Third Party Advisory
http://marc.info/?l=bugtraq&m=108302060014745&w=2Mailing List
http://marc.info/?l=bugtraq&m=108506952116653&w=2Mailing List
http://secunia.com/advisories/11440Broken Link, Permissions Required, Third Party Advisory, VDB Entry
http://secunia.com/advisories/11458Broken Link, Permissions Required, Third Party Advisory, VDB Entry
http://secunia.com/advisories/22341Broken Link, Permissions Required, Third Party Advisory, VDB Entry
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtmlBroken Link
http://www.kb.cert.org/vuls/id/415294Third Party Advisory, US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatch, Third Party Advisory
http://www.osvdb.org/4030Broken Link
http://www.securityfocus.com/archive/1/449179/100/0/threadedBroken Link
http://www.securityfocus.com/bid/10183Exploit, Third Party Advisory, VDB Entry
http://www.uniras.gov.uk/vuls/2004/236929/index.htmBroken Link
http://www.us-cert.gov/cas/techalerts/TA04-111A.htmlThird Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2006/3983Broken Link, Permissions Required
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10053Broken Link, Patch, Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711Broken Link

Timeline

Published: Aug 18, 2004
Last Modified: Jun 16, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2004-0230?

How severe is CVE-2004-0230?

Severity scoring for CVE-2004-0230 is pending analysis. The EPSS model estimates a 80.86% probability of exploitation in the next 30 days.

How do I fix CVE-2004-0230?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-0230?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST