CVE-2005-0356
Last modified
CVE-2005-0356 is a vulnerability of currently unknown severity. Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.. EPSS estimates a 83.28% chance of exploitation in the next 30 days.
Description
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Cisco | Agent Desktop | All versions | — |
| Cisco | E-Mail Manager | All versions | — |
| Cisco | Emergency Responder | 1.1 | — |
| Cisco | Intelligent Contact Manager | 5.0 | — |
| Cisco | Interactive Voice Response | All versions | — |
| Cisco | Ip Contact Center Enterprise | All versions | — |
| Cisco | Ip Contact Center Express | All versions | — |
| Cisco | Meetingplace | All versions | — |
| Cisco | Personal Assistant | 1.3\(1\) | — |
| Cisco | Personal Assistant | 1.3\(2\) | — |
| Cisco | Personal Assistant | 1.3\(3\) | — |
| Cisco | Personal Assistant | 1.3\(4\) | — |
| Cisco | Personal Assistant | 1.4\(1\) | — |
| Cisco | Personal Assistant | 1.4\(2\) | — |
| Cisco | Remote Monitoring Suite Option | All versions | — |
| Cisco | Secure Access Control Server | 2.0 | — |
| Cisco | Secure Access Control Server | 2.1 | — |
| Cisco | Secure Access Control Server | 2.3 | — |
| Cisco | Secure Access Control Server | 2.3.5.1 | — |
| Cisco | Secure Access Control Server | 2.3.6.1 | — |
| Cisco | Secure Access Control Server | 2.4 | — |
| Cisco | Secure Access Control Server | 2.5 | — |
| Cisco | Secure Access Control Server | 2.6 | — |
| Cisco | Secure Access Control Server | 2.6.2 | — |
| Cisco | Secure Access Control Server | 2.6.3 | — |
| Cisco | Secure Access Control Server | 2.6.4 | — |
| Cisco | Secure Access Control Server | 2.42 | — |
| Cisco | Secure Access Control Server | 3.0 | — |
| Cisco | Secure Access Control Server | 3.0.1 | — |
| Cisco | Secure Access Control Server | 3.0.3 | — |
| Cisco | Secure Access Control Server | 3.1 | — |
| Cisco | Secure Access Control Server | 3.1.1 | — |
| Cisco | Secure Access Control Server | 3.2 | — |
| Cisco | Secure Access Control Server | 3.2\(1\) | — |
| Cisco | Secure Access Control Server | 3.2\(1.20\) | — |
| Cisco | Secure Access Control Server | 3.2\(2\) | — |
| Cisco | Secure Access Control Server | 3.2\(3\) | — |
| Cisco | Secure Access Control Server | 3.2.1 | — |
| Cisco | Secure Access Control Server | 3.2.2 | — |
| Cisco | Secure Access Control Server | 3.3 | — |
| Cisco | Secure Access Control Server | 3.3\(1\) | — |
| Cisco | Secure Access Control Server | 3.3.1 | — |
| Cisco | Secure Access Control Server | 3.3.2 | — |
| Cisco | Support Tools | All versions | — |
| Cisco | Web Collaboration Option | All versions | — |
| Hitachi | Alaxala | ax | — |
| Cisco | Call Manager | 1.0 | — |
| Cisco | Call Manager | 2.0 | — |
| Cisco | Call Manager | 3.0 | — |
| Cisco | Call Manager | 3.1 | — |
Showing 50 of 229 affected configurations. See NVD for the full list.
References
- http://www.kb.cert.org/vuls/id/637934Third Party Advisory, US Government Resource
- http://www.kb.cert.org/vuls/id/637934Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-0356?
How severe is CVE-2005-0356?
How do I fix CVE-2005-0356?
Are you affected by CVE-2005-0356?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST