TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netbsd | netbsd | 1.6.1 |
| juniper | junos | 12.1r |
| juniper | junos | 12.2 |
| xinuos | openserver | 5.0.7 |
| netbsd | netbsd | 1.5.1 |
| juniper | junos | * |
| mcafee | network_data_loss_prevention | 9.2.0 |
| xinuos | unixware | 7.1.1 |
| netbsd | netbsd | 1.5.3 |
| netbsd | netbsd | 2.0 |
| juniper | junos | 12.1x46 |
| oracle | solaris | 11 |
| juniper | junos | 11.4x27 |
| microsoft | windows_98 | - |
| netbsd | netbsd | 1.6.2 |
| juniper | junos | 13.2 |
| juniper | junos | 12.1x44 |
| microsoft | windows_server_2003 | - |
| netbsd | netbsd | 1.5 |
| juniper | junos | 12.3 |
| juniper | junos | 12.1x45 |
| juniper | junos | 11.4 |
| juniper | junos | 12.1x47 |
| microsoft | windows_98se | - |
| openpgp | openpgp | 2.6.2 |
| oracle | solaris | 10 |
| mcafee | network_data_loss_prevention | * |
| mcafee | network_data_loss_prevention | 9.2.1 |
| juniper | junos | 12.1 |
| xinuos | unixware | 7.1.3 |
| xinuos | openserver | 5.0.6 |
| juniper | junos | 11.4r13 |
| netbsd | netbsd | 1.6 |
| netbsd | netbsd | 1.5.2 |
| microsoft | windows_xp | - |
| juniper | junos | 13.1 |
| mcafee | network_data_loss_prevention | 9.2.2 |
| microsoft | windows_2000 | - |
| juniper | junos | 13.3 |