| Vulnerability Name: | CVE-2004-1060 (CCN-18499) | ||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2004-04-12 | ||||||||||||||||||||||||||||||||||||||||
| Published: | 2004-04-12 | ||||||||||||||||||||||||||||||||||||||||
| Updated: | 2018-10-19 | ||||||||||||||||||||||||||||||||||||||||
| Summary: | Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." Note: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. | ||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||||||||||||||||||||||||||||||
| References: | Source: SCO Type: UNKNOWN SCOSA-2006.4 Source: MITRE Type: CNA CVE-2004-1060 Source: CCN Type: The Internet Society Web site ICMP attacks against TCP Source: HP Type: UNKNOWN SSRT4743 Source: CCN Type: NetApp Web site NetApp On the Web Source: CCN Type: SA18317 SCO OpenServer ICMP Message Handling Denial of Service Source: SECUNIA Type: UNKNOWN 18317 Source: SREASON Type: UNKNOWN 19 Source: SREASON Type: UNKNOWN 57 Source: CCN Type: CIAC INFORMATION BULLETIN P-181 Cisco Products Vulnerable to DoS via Crafted ICMP Messages Source: CCN Type: cisco-sa-20050412-icmp Crafted ICMP Messages Can Cause Denial of Service Source: CISCO Type: Vendor Advisory 20050412 Crafted ICMP Messages Can Cause Denial of Service Source: CCN Type: Gont's Web site Gont's web site - Drafts - ICMP attacks against TCP Source: MISC Type: Vendor Advisory http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html Source: CCN Type: Microsoft Security Bulletin MS05-019 Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) Source: CCN Type: Microsoft Security Bulletin MS06-032 Vulnerability in TCP/IP Could Allow Remote Code Execution (917953) Source: CCN Type: Microsoft Security Bulletin MS08-001 Vulnerabilities in TCP/IP Could Allow Remote Code Execution (941644) Source: CCN Type: Microsoft Security Bulletin MS08-004 Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456) Source: HP Type: UNKNOWN HPSBUX01164 Source: BID Type: UNKNOWN 13124 Source: CCN Type: BID-13124 Multiple Vendor TCP/IP Implementation ICMP Remote Denial Of Service Vulnerabilities Source: CCN Type: TCP/IP Guide Web site The TCP/IP Guide - IP Message Fragmentation Process Source: MISC Type: Vendor Advisory http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en Source: CCN Type: Hewlett-Packard Company Web site IT Resource Center - login / register Source: MS Type: UNKNOWN MS05-019 Source: XF Type: UNKNOWN icmp-nofragment-lowmtu-dos(18499) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:181 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:196 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:2188 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:3826 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:405 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:5386 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:651 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:780 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:899 | ||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||