Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-1184

4 documents4 sources

Severity

5.0MEDIUM

EPSS

63.7%

top 1.58%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows 2003 Server Microsoft Windows NT

Timeline

PublishedMay 2

Latest updateMay 1

Description

The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/windows_nt4.0

▶NVDmicrosoft/windows_2003_server7 versions+6

🔴Vulnerability Details

GHSA

GHSA-38jq-w6gg-wjm2: The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correc↗2022-05-01

▶

CVEList

CVE-2005-1184: The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correc↗2005-04-19

▶

💥Exploits & PoCs

Exploit-DB

Multiple Vendor - TCP Session Acknowledgement Number Denial of Service↗2004-12-13

▶