CVE-2005-0356

Description

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Affected products

• alaxala / alaxala_networksax7800s – ax7800s
• alaxala / alaxala_networksax7800r – ax7800r
• alaxala / alaxala_networksax5400s – ax5400s
• Cisco / agent_desktop
• Cisco / aironet_ap1200
• Cisco / aironet_ap350
• Cisco / call_manager3.1 – 3.1
• Cisco / call_manager4.0 – 4.0
• Cisco / call_manager3.3(3) – 3.3(3)
• Cisco / call_manager3.3 – 3.3
• Cisco / call_manager3.2 – 3.2
• Cisco / call_manager3.1(3a) – 3.1(3a)
• Cisco / call_manager3.1(2) – 3.1(2)
• Cisco / call_manager1.0 – 1.0
• Cisco / call_manager2.0 – 2.0
• Cisco / call_manager3.0 – 3.0
• Cisco / ciscoworks_1105_hosting_solution_engine
• Cisco / ciscoworks_1105_wireless_lan_solution_engine
• Cisco / ciscoworks_access_control_list_manager1.6 – 1.6
• Cisco / ciscoworks_access_control_list_manager1.5 – 1.5
• Cisco / ciscoworks_cd13rd – 3rd
• Cisco / ciscoworks_cd12nd – 2nd
• Cisco / ciscoworks_cd14th – 4th
• Cisco / ciscoworks_cd15th – 5th
• Cisco / ciscoworks_cd11st – 1st
• Cisco / ciscoworks_common_management_foundation2.0 – 2.0
• Cisco / ciscoworks_common_management_foundation2.2 – 2.2
• Cisco / ciscoworks_common_management_foundation2.1 – 2.1
• Cisco / ciscoworks_common_services2.2 – 2.2
• Cisco / ciscoworks_lms1.3 – 1.3
• Cisco / ciscoworks_vpn_security_management_solution
• Cisco / ciscoworks_windows
• Cisco / ciscoworks_windows_wug
• Cisco / conference_connection1.1(1) – 1.1(1)
• Cisco / conference_connection1.2 – 1.2
• Cisco / content_services_switch_11000
• Cisco / content_services_switch_11050
• Cisco / content_services_switch_11150
• Cisco / content_services_switch_11500
• Cisco / content_services_switch_11501
• Cisco / content_services_switch_11503
• Cisco / content_services_switch_11506
• Cisco / content_services_switch_11800
• Cisco / e-mail_manager
• Cisco / emergency_responder1.1 – 1.1
• Cisco / intelligent_contact_manager5.0 – 5.0
• Cisco / interactive_voice_response
• Cisco / ip_contact_center_enterprise
• Cisco / ip_contact_center_express
• Cisco / meetingplace
• Cisco / mgx_82301.2.10 – 1.2.10
• Cisco / mgx_82301.2.11 – 1.2.11
• Cisco / mgx_82501.2.10 – 1.2.10
• Cisco / mgx_82501.2.11 – 1.2.11
• Cisco / personal_assistant1.4(2) – 1.4(2)
• Cisco / personal_assistant1.3(1) – 1.3(1)
• Cisco / personal_assistant1.3(2) – 1.3(2)
• Cisco / personal_assistant1.3(3) – 1.3(3)
• Cisco / personal_assistant1.3(4) – 1.3(4)
• Cisco / personal_assistant1.4(1) – 1.4(1)
• Cisco / remote_monitoring_suite_option
• Cisco / secure_access_control_server2.1 – 2.1
• Cisco / secure_access_control_server2.3 – 2.3
• Cisco / secure_access_control_server2.3.5.1 – 2.3.5.1
• Cisco / secure_access_control_server2.3.6.1 – 2.3.6.1
• Cisco / secure_access_control_server2.4 – 2.4
• Cisco / secure_access_control_server2.5 – 2.5
• Cisco / secure_access_control_server2.6 – 2.6
• Cisco / secure_access_control_server2.6.2 – 2.6.2
• Cisco / secure_access_control_server2.6.3 – 2.6.3
• Cisco / secure_access_control_server2.6.4 – 2.6.4
• Cisco / secure_access_control_server2.42 – 2.42
• Cisco / secure_access_control_server3.0 – 3.0
• Cisco / secure_access_control_server3.0 – 3.0
• Cisco / secure_access_control_server3.0.1 – 3.0.1
• Cisco / secure_access_control_server3.0.3 – 3.0.3
• Cisco / secure_access_control_server3.1 – 3.1
• Cisco / secure_access_control_server3.1.1 – 3.1.1
• Cisco / secure_access_control_server3.2 – 3.2
• Cisco / secure_access_control_server3.2 – 3.2
• Cisco / secure_access_control_server3.2(1) – 3.2(1)
• Cisco / secure_access_control_server3.2(1.20) – 3.2(1.20)
• Cisco / secure_access_control_server3.2(2) – 3.2(2)
• Cisco / secure_access_control_server3.2(3) – 3.2(3)
• Cisco / secure_access_control_server3.2.1 – 3.2.1
• Cisco / secure_access_control_server3.2.2 – 3.2.2
• Cisco / secure_access_control_server3.3 – 3.3
• Cisco / secure_access_control_server3.3(1) – 3.3(1)
• Cisco / secure_access_control_server3.3.1 – 3.3.1
• Cisco / secure_access_control_server3.3.2 – 3.3.2
• Cisco / secure_access_control_server2.0 – 2.0
• Cisco / secure_access_control_server2.3 – 2.3
• Cisco / sn_5420_storage_router
• Cisco / sn_5420_storage_router_firmware1.1.3 – 1.1.3
• Cisco / sn_5420_storage_router_firmware1.1(7) – 1.1(7)
• Cisco / sn_5420_storage_router_firmware1.1(2) – 1.1(2)
• Cisco / sn_5420_storage_router_firmware1.1(3) – 1.1(3)
• Cisco / sn_5420_storage_router_firmware1.1(4) – 1.1(4)
• Cisco / sn_5420_storage_router_firmware1.1(5) – 1.1(5)
• Cisco / sn_5428_storage_router3.3.1-k9 – 3.3.1-k9
• Cisco / sn_5428_storage_router2-3.3.1-k9 – 2-3.3.1-k9
• Cisco / sn_5428_storage_router3.2.2-k9 – 3.2.2-k9
• Cisco / sn_5428_storage_router2-3.3.2-k9 – 2-3.3.2-k9
• Cisco / sn_5428_storage_router2.5.1-k9 – 2.5.1-k9
• Cisco / sn_5428_storage_router3.2.1-k9 – 3.2.1-k9
• Cisco / sn_5428_storage_router3.3.2-k9 – 3.3.2-k9
• Cisco / support_tools
• Cisco / unity_server3.0 – 3.0
• Cisco / unity_server2.4 – 2.4
• Cisco / unity_server2.3 – 2.3
• Cisco / unity_server2.2 – 2.2
• Cisco / unity_server2.1 – 2.1
• Cisco / unity_server2.0 – 2.0
• Cisco / unity_server4.0 – 4.0
• Cisco / unity_server2.46 – 2.46
• Cisco / unity_server3.3 – 3.3
• Cisco / unity_server3.2 – 3.2
• Cisco / unity_server3.1 – 3.1
• Cisco / web_collaboration_option
• Cisco / webns7.20_(03.10)s – 7.20_(03.10)s
• Cisco / webns7.10_(05.07)s – 7.10_(05.07)s
• Cisco / webns7.30_(00.09)s – 7.30_(00.09)s
• Cisco / webns7.30_(00.08)s – 7.30_(00.08)s
• Cisco / webns7.20_(03.09)s – 7.20_(03.09)s
• F5 / tmos9.0.1 – 9.0.1
• F5 / tmos4.6.2 – 4.6.2
• F5 / tmos4.6 – 4.6
• F5 / tmos4.5.12 – 4.5.12
• F5 / tmos4.5.11 – 4.5.11
• F5 / tmos4.5.10 – 4.5.10
• F5 / tmos4.5.9 – 4.5.9
• F5 / tmos4.5.6 – 4.5.6
• F5 / tmos4.5 – 4.5
• F5 / tmos4.4 – 4.4
• F5 / tmos4.3 – 4.3
• F5 / tmos4.2 – 4.2
• F5 / tmos4.0 – 4.0
• F5 / tmos9.0 – 9.0
• F5 / tmos9.0.2 – 9.0.2
• F5 / tmos9.0.3 – 9.0.3
• F5 / tmos9.0.4 – 9.0.4
• F5 / tmos9.0.5 – 9.0.5
• FreeBSD / FreeBSD4.7 – 4.7
• FreeBSD / FreeBSD1.1.5.1 – 1.1.5.1
• FreeBSD / FreeBSD2.0 – 2.0
• FreeBSD / FreeBSD2.0.5 – 2.0.5
• FreeBSD / FreeBSD2.1.0 – 2.1.0
• FreeBSD / FreeBSD2.1.5 – 2.1.5
• FreeBSD / FreeBSD2.1.6 – 2.1.6
• FreeBSD / FreeBSD2.1.6.1 – 2.1.6.1
• FreeBSD / FreeBSD2.1.7.1 – 2.1.7.1
• FreeBSD / FreeBSD2.2 – 2.2
• FreeBSD / FreeBSD2.2.2 – 2.2.2
• FreeBSD / FreeBSD2.2.3 – 2.2.3
• FreeBSD / FreeBSD2.2.4 – 2.2.4
• FreeBSD / FreeBSD2.2.5 – 2.2.5
• FreeBSD / FreeBSD2.2.6 – 2.2.6
• FreeBSD / FreeBSD2.2.8 – 2.2.8
• FreeBSD / FreeBSD3.0 – 3.0
• FreeBSD / FreeBSD3.0 – 3.0
• FreeBSD / FreeBSD3.1 – 3.1
• FreeBSD / FreeBSD3.2 – 3.2
• FreeBSD / FreeBSD3.3 – 3.3
• FreeBSD / FreeBSD3.4 – 3.4
• FreeBSD / FreeBSD3.5 – 3.5
• FreeBSD / FreeBSD3.5 – 3.5
• FreeBSD / FreeBSD3.5.1 – 3.5.1
• FreeBSD / FreeBSD3.5.1 – 3.5.1
• FreeBSD / FreeBSD3.5.1 – 3.5.1
• FreeBSD / FreeBSD4.0 – 4.0
• FreeBSD / FreeBSD4.0 – 4.0
• FreeBSD / FreeBSD4.0 – 4.0
• FreeBSD / FreeBSD4.1 – 4.1
• FreeBSD / FreeBSD4.1.1 – 4.1.1
• FreeBSD / FreeBSD4.1.1 – 4.1.1
• FreeBSD / FreeBSD4.1.1 – 4.1.1
• FreeBSD / FreeBSD4.2 – 4.2
• FreeBSD / FreeBSD4.2 – 4.2
• FreeBSD / FreeBSD4.3 – 4.3
• FreeBSD / FreeBSD4.3 – 4.3
• FreeBSD / FreeBSD4.3 – 4.3
• FreeBSD / FreeBSD4.3 – 4.3
• FreeBSD / FreeBSD4.3 – 4.3
• FreeBSD / FreeBSD4.4 – 4.4
• FreeBSD / FreeBSD4.4 – 4.4
• FreeBSD / FreeBSD4.4 – 4.4
• FreeBSD / FreeBSD4.4 – 4.4
• FreeBSD / FreeBSD4.5 – 4.5
• FreeBSD / FreeBSD4.5 – 4.5
• FreeBSD / FreeBSD4.5 – 4.5
• FreeBSD / FreeBSD4.5 – 4.5
• FreeBSD / FreeBSD4.5 – 4.5
• FreeBSD / FreeBSD4.6 – 4.6
• FreeBSD / FreeBSD4.6 – 4.6
• FreeBSD / FreeBSD4.6 – 4.6
• FreeBSD / FreeBSD4.6 – 4.6
• FreeBSD / FreeBSD4.6 – 4.6
• FreeBSD / FreeBSD4.6.2 – 4.6.2
• FreeBSD / FreeBSD4.7 – 4.7
• FreeBSD / FreeBSD4.7 – 4.7
• FreeBSD / FreeBSD4.7 – 4.7
• FreeBSD / FreeBSD4.7 – 4.7
• FreeBSD / FreeBSD4.8 – 4.8
• FreeBSD / FreeBSD4.8 – 4.8
• FreeBSD / FreeBSD4.8 – 4.8
• FreeBSD / FreeBSD4.8 – 4.8
• FreeBSD / FreeBSD4.9 – 4.9
• FreeBSD / FreeBSD4.9 – 4.9
• FreeBSD / FreeBSD4.9 – 4.9
• FreeBSD / FreeBSD4.10 – 4.10
• FreeBSD / FreeBSD4.10 – 4.10
• FreeBSD / FreeBSD4.10 – 4.10
• FreeBSD / FreeBSD4.10 – 4.10
• FreeBSD / FreeBSD4.11 – 4.11
• FreeBSD / FreeBSD4.11 – 4.11
• FreeBSD / FreeBSD4.11 – 4.11
• FreeBSD / FreeBSD5.0 – 5.0
• FreeBSD / FreeBSD5.0 – 5.0
• FreeBSD / FreeBSD5.0 – 5.0
• FreeBSD / FreeBSD5.0 – 5.0
• FreeBSD / FreeBSD5.1 – 5.1
• FreeBSD / FreeBSD5.1 – 5.1
• FreeBSD / FreeBSD5.1 – 5.1
• FreeBSD / FreeBSD5.1 – 5.1
• FreeBSD / FreeBSD5.1 – 5.1
• FreeBSD / FreeBSD5.2 – 5.2
• FreeBSD / FreeBSD5.2.1 – 5.2.1
• FreeBSD / FreeBSD5.2.1 – 5.2.1
• FreeBSD / FreeBSD5.3 – 5.3
• FreeBSD / FreeBSD5.3 – 5.3
• FreeBSD / FreeBSD5.3 – 5.3
• FreeBSD / FreeBSD5.3 – 5.3
• FreeBSD / FreeBSD5.4 – 5.4
• FreeBSD / FreeBSD5.4 – 5.4
• Hitachi / alaxalaax – ax
• Hitachi / gr3000
• Hitachi / gr4000
• Hitachi / gs4000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2000
• Microsoft / windows_2003_serverstandard – standard
• Microsoft / windows_2003_serverenterprise – enterprise
• Microsoft / windows_2003_serverweb – web
• Microsoft / windows_2003_serverstandard_64-bit – standard_64-bit
• Microsoft / windows_2003_serverenterprise_64-bit – enterprise_64-bit
• Microsoft / windows_2003_serverr2 – r2
• Microsoft / windows_2003_serverr2 – r2
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• Microsoft / windows_xp
• nortel / 7220_wlan_access_point
• nortel / 7250_wlan_access_point
• nortel / business_communications_manager1000 – 1000
• nortel / business_communications_manager400 – 400
• nortel / business_communications_manager200 – 200
• nortel / callpilot201i – 201i
• nortel / callpilot703t – 703t
• nortel / callpilot200i – 200i
• nortel / callpilot702t – 702t
• nortel / contact_center
• nortel / ethernet_routing_switch_1612
• nortel / ethernet_routing_switch_1624
• nortel / ethernet_routing_switch_1648
• nortel / optical_metro_5000
• nortel / optical_metro_5100
• nortel / optical_metro_5200
• nortel / succession_communication_server_1000
• nortel / survivable_remote_gateway1.0 – 1.0
• nortel / universal_signaling_pointcompact_lite – compact_lite
• nortel / universal_signaling_point5200 – 5200
• OpenBSD / OpenBSD3.0 – 3.0
• OpenBSD / OpenBSD3.6 – 3.6
• OpenBSD / OpenBSD3.5 – 3.5
• OpenBSD / OpenBSD3.4 – 3.4
• OpenBSD / OpenBSD3.3 – 3.3
• OpenBSD / OpenBSD3.2 – 3.2
• OpenBSD / OpenBSD3.1 – 3.1
• yamaha / rt105
• yamaha / rt250i
• yamaha / rt300i
• yamaha / rt57i
• yamaha / rtv700
• yamaha / rtx1000
• yamaha / rtx1100
• yamaha / rtx1500
• yamaha / rtx2000

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/20635
• VENDOR_ADVISORYhttp://secunia.com/advisories/15393
• MISChttp://www.kb.cert.org/vuls/id/637934
• VENDOR_ADVISORYhttp://secunia.com/advisories/15417/
• VENDOR_ADVISORYhttp://secunia.com/advisories/18662
• MISCftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt
• VENDOR_ADVISORYftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc
• MISChttp://www.securityfocus.com/bid/13676
• VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
• VENDOR_ADVISORYhttp://secunia.com/advisories/18222
• MISChttp://support.avaya.com/elmodocs2/security/ASA-2006-032.htm