Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0790Microsoft Windows 2003 Server vulnerability

8 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
85.1%
top 0.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Microsoft Windows 2003 ServerSUN SolarisSUN Sunos
Timeline
PublishedApr 12
Latest updateMay 3

Description

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based ide

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

NVDsun/sunos5.7, 5.8+1
NVDsun/solaris10.0, 9.0+1

🔴Vulnerability Details

2
GHSA
GHSA-5c86-xw43-gw75: Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages,2022-05-03
CVEList
CVE-2004-0790: Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages,2005-04-13

💥Exploits & PoCs

3
Exploit-DB
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)2005-04-20
Exploit-DB
Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)2005-04-17
Exploit-DB
Multiple Vendor ICMP Message Handling - Denial of Service2005-04-12

📋Vendor Advisories

1
Red Hat
security flaw2005-04-12

💬Community

1
Bugzilla
CVE-2004-0791 security flaw2018-08-16
CVE-2004-0790 — Microsoft vulnerability | cvebase