CVE-2005-3774 - Vulnerability Details - OpenCVE

Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Pix

Configuration 1 [-]

OR	cpe:2.3:h:cisco:pix:6.3:::::::*
	cpe:2.3:h:cisco:pix:7.0:::::::*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html
http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html
http://secunia.com/advisories/17670
http://securitytracker.com/id?1015256
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html
http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml
http://www.kb.cert.org/vuls/id/853540
http://www.osvdb.org/24140
http://www.securityfocus.com/archive/1/417458/30/0/threaded
http://www.securityfocus.com/archive/1/426989/100/0/threaded
http://www.securityfocus.com/archive/1/426991/100/0/threaded
http://www.securityfocus.com/archive/1/427041/100/0/threaded
http://www.securityfocus.com/bid/15525
http://www.vupen.com/english/advisories/2005/2546
https://exchange.xforce.ibmcloud.com/vulnerabilities/25077
https://exchange.xforce.ibmcloud.com/vulnerabilities/25079

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-11-23T00:00:00

Updated: 2024-08-07T23:24:36.214Z

Reserved: 2005-11-22T00:00:00

Link: CVE-2005-3774

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-11-23T00:03:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-3774

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-11-22T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1015256", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015256"}, {"name": "cisco-pix-ttl-dos(25079)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}, {"name": "cisco-pix-tcp-data-field-dos(25077)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"name": "24140", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/24140"}, {"name": "15525", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/15525"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"name": "20060307 Cisco PIX embryonic state machine 1b data DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"name": "20051128 Response to Cisco PIX TCP Connection Prevention", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"name": "VU#853540", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/853540"}, {"name": "17670", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/17670"}, {"name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"name": "ADV-2005-2546", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3774", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1015256", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015256"}, {"name": "cisco-pix-ttl-dos(25079)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}, {"name": "cisco-pix-tcp-data-field-dos(25077)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"name": "24140", "refsource": "OSVDB", "url": "http://www.osvdb.org/24140"}, {"name": "15525", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15525"}, {"name": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html", "refsource": "CONFIRM", "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"name": "20060307 Cisco PIX embryonic state machine 1b data DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"name": "20051128 Response to Cisco PIX TCP Connection Prevention", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"name": "VU#853540", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/853540"}, {"name": "17670", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17670"}, {"name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"name": "ADV-2005-2546", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:24:36.214Z"}, "title": "CVE Program Container", "references": [{"name": "1015256", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015256"}, {"name": "cisco-pix-ttl-dos(25079)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}, {"name": "cisco-pix-tcp-data-field-dos(25077)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"name": "24140", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/24140"}, {"name": "15525", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/15525"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"name": "20060307 Cisco PIX embryonic state machine 1b data DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"name": "20051128 Response to Cisco PIX TCP Connection Prevention", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"name": "VU#853540", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/853540"}, {"name": "17670", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/17670"}, {"name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"name": "ADV-2005-2546", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"name": "20051122 Cisco PIX TCP Connection Prevention", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3774", "datePublished": "2005-11-23T00:00:00", "dateReserved": "2005-11-22T00:00:00", "dateUpdated": "2024-08-07T23:24:36.214Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:pix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B10C3812-2BA0-4DE3-8793-8F89AD342E30", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."}], "id": "CVE-2005-3774", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-11-23T00:03:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/17670"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015256"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/853540"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/24140"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/15525"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015256"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/853540"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/24140"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/15525"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/2546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}