CVE-2004-0230

Exp

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Published: 2004-08-18 Last update: 2025-05-02 Assigner: [email protected] Source: [email protected]
NVD Status:AnalyzedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2004-0230 is rated High Exploit Risk (69.1/100): CVSS Medium severity, with high exploitation likelihood (EPSS 10.73%, 93th percentile). 8 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +1.42% over the last day, indicating growing attacker interest. Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2004-0230

EDB-ID Source Kind Published Link
942 exploit_db edb 2005-04-17 Exploit-DB ↗
24033 exploit_db edb 2004-04-23 Exploit-DB ↗
291 exploit_db edb 2004-04-23 Exploit-DB ↗
276 exploit_db edb 2004-04-22 Exploit-DB ↗
24032 exploit_db edb 2004-04-20 Exploit-DB ↗
24031 exploit_db edb 2004-04-20 Exploit-DB ↗
24030 exploit_db edb 2004-03-05 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2004-0230

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-11 9.32% 10.73% +1.42%
2 2026-01-08 9.61% 9.32% -0.29%
3 2025-12-28 9.61%

Full EPSS history (21 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2004-0230

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2004-0230

OS Trackers for CVE-2004-0230

vendor priority summary link
debian unimportant CVE-2004-0230 unimportant priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 5. https://security-tracker.debian.org/tracker/CVE-2004-0230
redhat https://access.redhat.com/security/cve/CVE-2004-0230
suse low CVE-2004-0230 severity low: SUSE including 123 source package names (cluster-md-kmp-default, dlm-kmp-default, …), 456 product×package rows across 60 product lines (SLES-LTSS-TERADATA 15 SP2, SUSE Linux Enterprise Desktop 12, … (60 product lines)): Known Not Affected 266, Fixed 190. https://www.suse.com/security/cve/CVE-2004-0230/
ubuntu medium CVE-2004-0230 medium priority: Ubuntu including 1 source packages (quagga), 4 status rows across 4 suites (dapper, edgy, feisty, upstream): released 3, needs-triage 1. https://ubuntu.com/security/CVE-2004-0230

NVD evaluator notes for CVE-2004-0230

Comment: <a href="https://cwe.mitre.org/data/definitions/331.html">CWE-331: Insufficient Entropy</a>

Vendor comments (NVD) for CVE-2004-0230

  • Red Hat (2006-08-16T00:00:00)

    The DHS advisory is a good source of background information about the issue: http://www.us-cert.gov/cas/techalerts/TA04-111A.html It is important to note that the issue described is a known function of TCP. In order to perform a connection reset an attacker would need to know the source and destination ip address and ports as well as being able to guess the sequence number within the window. These requirements seriously reduce the ability to trigger a connection reset on normal TCP connections. The DHS advisory explains that BGP routing is a specific case where being able to trigger a reset is easier than expected as the end points can be easily determined and large window sizes are used. BGP routing is also signficantly affected by having it’s connections terminated. The major BGP peers have recently switched to requiring md5 signatures which mitigates against this attack. The following article from Linux Weekly News also puts the flaw into context and shows why it does not pose a significant threat: http://lwn.net/Articles/81560/ Red Hat does not have any plans for action regarding this issue.

Affected software / configurations for CVE-2004-0230

Vendor Product Version Raw CPE
juniper junos < 11.4 cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:-:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r1:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r10:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r2:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r3:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r4:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r5:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r6:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r7:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r8:*:*:*:*:*:*
juniper junos 11.4 cpe:2.3:o:juniper:junos:11.4:r9:*:*:*:*:*:*
juniper junos 11.4r13 cpe:2.3:o:juniper:junos:11.4r13:s2:*:*:*:*:*:*
juniper junos 11.4x27 cpe:2.3:o:juniper:junos:11.4x27:*:*:*:*:*:*:*
juniper junos 12.1 cpe:2.3:o:juniper:junos:12.1:-:*:*:*:*:*:*
juniper junos 12.1r cpe:2.3:o:juniper:junos:12.1r:*:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*
juniper junos 12.1x44 cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*
juniper junos 12.1x45 cpe:2.3:o:juniper:junos:12.1x45:-:*:*:*:*:*:*
juniper junos 12.1x45 cpe:2.3:o:juniper:junos:12.1x45:d10:*:*:*:*:*:*
juniper junos 12.1x45 cpe:2.3:o:juniper:junos:12.1x45:d15:*:*:*:*:*:*
juniper junos 12.1x45 cpe:2.3:o:juniper:junos:12.1x45:d20:*:*:*:*:*:*
juniper junos 12.1x46 cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*
juniper junos 12.1x46 cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*
juniper junos 12.1x46 cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*
juniper junos 12.1x47 cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:-:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r1:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r2:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r3:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r4:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r5:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r6:*:*:*:*:*:*
juniper junos 12.2 cpe:2.3:o:juniper:junos:12.2:r7:*:*:*:*:*:*
juniper junos 12.3 cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*
juniper junos 12.3 cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*
juniper junos 12.3 cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*
juniper junos 12.3 cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*
juniper junos 12.3 cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*
juniper junos 12.3 cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*
juniper junos 13.1 cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:*
juniper junos 13.1 cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:*
juniper junos 13.1 cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:*
juniper junos 13.1 cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:*
juniper junos 13.2 cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:*
juniper junos 13.2 cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*
juniper junos 13.2 cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*
juniper junos 13.2 cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*
juniper junos 13.3 cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:*
juniper junos 13.3 cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*
microsoft windows_2000 cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*
microsoft windows_2000 cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
microsoft windows_98 cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*
microsoft windows_98se cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*
microsoft windows_server_2003 cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:itanium:*
microsoft windows_server_2003 cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*
microsoft windows_server_2003 cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:-:*
microsoft windows_server_2003 cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:itanium:*
microsoft windows_xp cpe:2.3:o:microsoft:windows_xp:-:*:x64:*:*:*:*:*
microsoft windows_xp cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
microsoft windows_xp cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:itanium:*
microsoft windows_xp cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
oracle solaris 10 cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
oracle solaris 11 cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*
openpgp openpgp 2.6.2 cpe:2.3:a:openpgp:openpgp:2.6.2:*:*:*:*:*:*:*
mcafee network_data_loss_prevention <= 8.6 cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*
mcafee network_data_loss_prevention 9.2.0 cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.0:*:*:*:*:*:*:*
mcafee network_data_loss_prevention 9.2.1 cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.1:*:*:*:*:*:*:*
mcafee network_data_loss_prevention 9.2.2 cpe:2.3:a:mcafee:network_data_loss_prevention:9.2.2:*:*:*:*:*:*:*
netbsd netbsd 1.5 cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
netbsd netbsd 1.5.1 cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
netbsd netbsd 1.5.2 cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
netbsd netbsd 1.5.3 cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
netbsd netbsd 1.6 cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
netbsd netbsd 1.6.1 cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*

References for CVE-2004-0230

URL Tags
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc Third Party Advisory Broken Link
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt Third Party Advisory Broken Link
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt Third Party Advisory Broken Link
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt Third Party Advisory Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc Third Party Advisory Broken Link
http://kb.juniper.net/JSA10638 Third Party Advisory
http://marc.info/?l=bugtraq&m=108302060014745&w=2 Mailing List
http://marc.info/?l=bugtraq&m=108506952116653&w=2 Mailing List
http://secunia.com/advisories/11440 Permissions Required Third Party Advisory VDB Entry Broken Link
http://secunia.com/advisories/11458 Permissions Required Third Party Advisory VDB Entry Broken Link
http://secunia.com/advisories/22341 Permissions Required Third Party Advisory VDB Entry Broken Link
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml Broken Link
http://www.kb.cert.org/vuls/id/415294 Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Patch Third Party Advisory
http://www.osvdb.org/4030 Broken Link
http://www.securityfocus.com/archive/1/449179/100/0/threaded Broken Link
http://www.securityfocus.com/bid/10183 Exploit Third Party Advisory VDB Entry
http://www.uniras.gov.uk/vuls/2004/236929/index.htm Broken Link
http://www.us-cert.gov/cas/techalerts/TA04-111A.html Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2006/3983 Permissions Required Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019 Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10053 Patch Third Party Advisory Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711 Broken Link
cvelogic Threat Intelligence