Search
Get a Demo

published date: April 12, 2005

CVE-2004-0790 : Denial of Service Vulnerability

Description

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.

Product(s):

  • Microsoft Windows 2000 Service Pack 3
  • Microsoft Windows 2000 SP4 (French)
  • Microsoft windows 2000_sp3
  • Microsoft Windows 2000 Service Pack 3 Advanced Server Edition
  • Microsoft Windows 2000 Service Pack 3 Datacenter Server Edition
  • Microsoft Windows 2000 Service Pack 3 Professional Edition
  • CVSS:5 [Critical]
  • EPSS:79.73%
  • Exploitability:10
  • In KEV:No

Question to Ask Vendors:

  1. Can you confirm whether your systems are affected by CVE-2004-0790, and if so, what steps are you currently taking to mitigate this vulnerability?
  2. What is your estimated timeline for fully resolving CVE-2004-0790 in your products or services, and how will you communicate updates on this issue to us as your customer?

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales