Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K23440942
HistoryMay 05, 2017 - 12:00 a.m.

K23440942 : Insufficient validation of ICMP error messages CVE-2004-0790 (11.x - 13.x)

2017-05-0500:00:00
my.f5.com
51

6.3 Medium

AI Score

Confidence

Low

0.965 High

EPSS

Percentile

99.6%

JSON

Security Advisory Description

The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through 13.x. For information about earlier versions, refer to K4583: Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790 (9.x - 10.x).

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the “blind connection-reset attack.” NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. (CVE-2004-0790)

Impact

A remote attacker can interfere with the Path MTU Discovery process and cause a performance degradation or reset of FastL4 accelerated TCP connections by spoofing a specifically crafted Internet Control Message Protocol (ICMP) message.

This vulnerability only applies to FastL4 virtual servers on BIG-IP platforms with the embedded Packet Velocity Acceleration (ePVA) chip. The ePVA chip is a hardware acceleration Field Programmable Gate Array (FPGA) that delivers high-performance Layer 4 (L4) IPv4 throughput. ePVA chips are included on the following BIG-IP platforms:

  • B2100 Blade in the VIPRION C2400 or C2200 Chassis
  • B2150 Blade in the VIPRION C2400 or C2200 Chassis
  • B2250 Blade in the VIPRION C2400 or C2200 Chassis
  • B4300 Blade in the VIPRION C4480 or C4800 Chassis
  • B4340 Blade in the VIPRION C4480 or C4800 Chassis
  • BIG-IP 12000 series
  • BIG-IP 10000 series
  • BIG-IP 7000 series
  • BIG-IP 5000 series
  • BIG-IP i5000 series
  • BIG-IP i7000 series
  • BIG-IP i10000 series

Related

ubuntucve 1
nvd 8
cve 8
cvelist 8
nessus 22
securityvulns 5
cert 1
exploitpack 4
seebug 5
exploitdb 4
f5 7
openvas 2
checkpoint_advisories 3
redhat 3
ubuntucve
ubuntucve
CVE-2004-0790
2005-04-12 00:00:00
nvd
nvd
CVE-2004-1060
2004-04-12 04:00:00
CVE-2005-0067
2004-12-22 05:00:00
CVE-2004-0790
2005-04-12 04:00:00
cve
cve
CVE-2005-0065
2005-05-02 04:00:00
CVE-2005-0066
2005-01-19 05:00:00
CVE-2005-0067
2005-01-19 05:00:00
cvelist
cvelist
CVE-2004-0791
2005-04-13 04:00:00
CVE-2005-0065
2005-01-19 05:00:00
CVE-2005-0066
2005-01-19 05:00:00
nessus
nessus
F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)
2017-05-08 00:00:00
Crafted ICMP Messages Can Cause Denial of Service - Cisco Systems
2010-09-01 00:00:00
HP-UX PHNE_26125 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
2005-05-30 00:00:00
securityvulns
securityvulns
UnixWare ICMP Message Handling Denial of Service
2005-09-05 00:00:00
[security bulletin] SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS)
2005-12-08 00:00:00
HPSBTU01210 SSRT4743, SSRT4884 rev.0 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS)
2005-07-19 00:00:00
cert
cert
TCP/IP implementations do not adequately validate ICMP error messages
2005-04-12 00:00:00
exploitpack
exploitpack
Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service
2005-04-12 00:00:00
Multiple Vendor ICMP Message Handling - Denial of Service
2005-04-12 00:00:00
Multiple OS (Win32AixCisco) - Crafted ICMP Messages Denial of Service (MS05-019)
2005-04-20 00:00:00
seebug
seebug
Multiple Vendor ICMP Message Handling DoS
2014-07-01 00:00:00
Multiple Vendor ICMP Implementation Malformed Path MTU DoS
2014-07-01 00:00:00
Multiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit
2005-04-20 00:00:00
exploitdb
exploitdb
Multiple Vendor ICMP Message Handling - Denial of Service
2005-04-12 00:00:00
Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service
2005-04-12 00:00:00
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)
2005-04-20 00:00:00
f5
f5
SOL4583 - Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790
2007-05-16 00:00:00
Insufficient validation of ICMP error messages VU#222750 / CVE-2004-0790 (9.x - 10.x)
2007-05-17 04:00:00
K15792 : Path MTU discovery vulnerability CVE-2004-1060
2015-09-16 00:00:00
openvas
openvas
Microsoft Windows Internet Protocol Validation RCE Vulnerability
2011-11-21 00:00:00
Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerability
2011-11-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Vendor ICMP Connection Reset Denial of Service (CVE-2004-0790)
2010-02-28 00:00:00
Multiple Vendor ICMP Connection Reset Denial of Service - High Confidence (CVE-2004-0790)
2013-04-30 00:00:00
Multiple Vendor ICMP Source Quench Denial of Service (CVE-2004-0791)
2010-02-28 00:00:00
redhat
redhat
(RHSA-2005:043) kernel security update
2005-01-18 00:00:00
(RHSA-2005:016) kernel security update
2005-01-21 00:00:00
(RHSA-2005:017) kernel security update
2005-01-21 00:00:00

6.3 Medium

AI Score

Confidence

Low

0.965 High

EPSS

Percentile

99.6%

JSON
Related for F5:K23440942
ubuntucve1nvd8cve8cvelist8nessus22securityvulns5cert1exploitpack4seebug5exploitdb4f57openvas2checkpoint_advisories3redhat3