Vulnerability Details : CVE-2005-1184
The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated.
Vulnerability category: Denial of service
Products affected by CVE-2005-1184
- cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-1184
63.58%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-1184
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2005-1184
Jump to