medium
5
CWE
NVD-CWE-Other
Advisory Published
Updated

CVE-2005-0356

First published: Tue May 31 2005(Updated: )

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Credit: cret@cert.org

Affected SoftwareAffected VersionHow to fix
Cisco Secure Access Control Server=3.2
Cisco MGX 8230=1.2.11
Cisco MGX 8250=1.2.10
Cisco Secure Access Control Server=3.2.2
Cisco Personal Assistant=1.3\(2\)
Cisco Unity Server=2.2
Cisco Secure Access Control Server=2.4
Cisco Secure Access Control Server=3.1.1
Cisco Personal Assistant=1.3\(4\)
Cisco Unity Server=3.0
Cisco Secure Access Control Server=2.6.3
Cisco Unified IP Interactive Voice Response
Cisco Secure Access Control Server=2.42
Cisco CallManager Express=3.0
Cisco CallManager Express=3.1\(3a\)
Cisco Secure Access Control Server=3.3.2
Cisco Unity Server=3.1
Cisco CallManager Express=1.0
Cisco Unity Server=3.3
Cisco Personal Assistant=1.3\(3\)
Cisco Secure Access Control Server=2.1
Cisco Secure Access Control Server=3.3\(1\)
Cisco Secure Access Control Server=2.6.2
Cisco Secure Access Control Server=2.3.6.1
Cisco Technical Support
Cisco CallManager Express=3.2
Cisco CallManager Express=3.1\(2\)
Cisco Personal Assistant=1.4\(2\)
Cisco Unity Server=2.3
Cisco Unity Server=3.2
Cisco Secure Access Control Server=2.0
Cisco Secure Access Control Server=3.0.1
Cisco Secure Access Control Server=2.3
Cisco Unity Server=2.1
Cisco Unity Server=2.46
Cisco CallManager Express=3.3
Cisco Web Collaboration Option
Cisco CallManager Express=2.0
Cisco Secure Access Control Server=3.0
Cisco Secure Access Control Server=2.3
Cisco MGX 8250=1.2.11
Cisco Remote Monitoring Suite Option
Cisco Secure Access Control Server=3.0.3
Cisco Unity Server=2.4
Cisco Unified Contact Center Express
Cisco MGX 8230=1.2.10
Cisco Personal Assistant=1.4\(1\)
Cisco Secure Access Control Server=2.5
Cisco Secure Access Control Server=2.6
Cisco CallManager Express=3.1
Cisco Secure Access Control Server=3.2\(1.20\)
Cisco Secure Access Control Server=3.1
Cisco Intelligent Contact Manager=5.0
Cisco Secure Access Control Server=3.2
Cisco Unity Server=2.0
Cisco Secure Access Control Server=3.3.1
Cisco Secure Access Control Server=3.3
Cisco Secure Access Control Server=2.6.4
Cisco Secure Access Control Server=3.2\(3\)
Cisco Agent Desktop
Cisco Email Manager
Cisco Unified MeetingPlace
Cisco Secure Access Control Server=3.2.1
Cisco CallManager Express=4.0
Cisco CallManager Express=3.3\(3\)
Cisco Secure Access Control Server=3.0
Cisco Secure Access Control Server=2.3.5.1
Cisco Secure Access Control Server=3.2\(1\)
Alaxala Networks=ax
Cisco Secure Access Control Server=3.2\(2\)
Cisco Emergency Responder=1.1
Cisco Packaged Contact Center Enterprise
Cisco Unity Server=4.0
Cisco Personal Assistant=1.3\(1\)
F5 TMOS=9.0.5
F5 TMOS=4.5.12
F5 TMOS=9.0.3
Hitachi GS4000
Cisco SN 5428 Storage Router=2-3.3.1-k9
F5 TMOS=4.6
F5 TMOS=9.0.2
Cisco SN 5428 Storage Router=2-3.3.2-k9
F5 TMOS=4.5
Yamaha Rt250i
F5 TMOS=4.5.6
Yamaha RT105P
Yamaha RTX2000
Cisco Aironet AP350
Cisco SN 5428 Storage Router=2.5.1-k9
Cisco SN 5420 Storage Router
Yamaha RTX1000
hitachi gr3000
Yamaha RT57i firmware
Yamaha RTV700
F5 TMOS=4.3
Yamaha RTX1500
Cisco SN 5428 Storage Router=3.3.2-k9
F5 TMOS=4.0
F5 TMOS=4.6.2
Cisco SN 5428 Storage Router=3.2.2-k9
Yamaha RTX1100
F5 TMOS=9.0
F5 TMOS=4.5.10
Hitachi GS4000
F5 TMOS=4.2
F5 TMOS=4.5.11
Cisco Aironet AP1200
Cisco SN 5428 Storage Router=3.3.1-k9
F5 TMOS=9.0.1
F5 TMOS=4.4
F5 TMOS=9.0.4
F5 TMOS=4.5.9
Cisco SN 5428 Storage Router=3.2.1-k9
Yamaha RT300i
Cisco SN 5420 Storage Router=1.1\(2\)
Cisco SN 5420 Storage Router=1.1\(7\)
Cisco SN 5420 Storage Router=1.1\(3\)
Cisco SN 5420 Storage Router=1.1\(5\)
Cisco SN 5420 Storage Router=1.1.3
Cisco SN 5420 Storage Router=1.1\(4\)
Cisco Ciscoworks Access Control List Manager=1.5
Cisco Ciscoworks Access Control List Manager=1.6
CiscoWorks Common Management Foundation=2.0
CiscoWorks Common Management Foundation=2.1
CiscoWorks Common Management Foundation=2.2
Cisco CiscoWorks Common Services=2.2
Cisco Ciscoworks LAN Management Solution=1.3
Cisco Works VPN/Security Management Solution
Cisco Ciscoworks for Windows
Cisco WebNS=7.10_\(05.07\)s
Cisco WebNS=7.20_\(03.09\)s
Cisco WebNS=7.20_\(03.10\)s
Cisco WebNS=7.30_\(00.08\)s
Cisco WebNS=7.30_\(00.09\)s
Nortel Business Communications Manager=200
Nortel Business Communications Manager=400
Nortel Business Communications Manager=1000
Nortel CallPilot Server=200i
Nortel CallPilot Server=201i
Nortel CallPilot Server=702t
Nortel CallPilot Server=703t
Nortel Contact Center
Cisco Content Services Switch 11000
Cisco Content Services Switch 11050
Cisco Content Services Switch 11150
Cisco Content Services Switch 11500
Cisco Content Services Switch 11501
Cisco Content Services Switch 11503
Cisco Content Services Switch 11506
Cisco Content Services Switch 11800
Nortel 7220 WLAN Access Point
Nortel 7250 WLAN Access Point
Nortel Ethernet Routing Switch 1612
Nortel Ethernet Routing Switch 1624
Nortel Ethernet Routing Switch 1648
Nortel Optical Metro 5000
Nortel Optical Metro 5100
Nortel Optical Metro 5200
Avaya Communication Server 1000 Telephony Manager
nortel survivable remote gateway=1.0
Nortel Universal Signaling Point=5200
Nortel Universal Signaling Point=compact_lite
Cisco Ciscoworks 1105 Hosting Solution Engine
Cisco Wireless LAN Solution Engine
CiscoWorks CD-One (CD1)=1st
CiscoWorks CD-One (CD1)=2nd
CiscoWorks CD-One (CD1)=3rd
CiscoWorks CD-One (CD1)=4th
CiscoWorks CD-One (CD1)=5th
Cisco Ciscoworks Windows WUG
cisco conference connection=1.1\(1\)
cisco conference connection=1.2
FreeBSD FreeBSD=1.1.5.1
FreeBSD FreeBSD=2.0
FreeBSD FreeBSD=2.0.5
FreeBSD FreeBSD=2.1.0
FreeBSD FreeBSD=2.1.5
FreeBSD FreeBSD=2.1.6
FreeBSD FreeBSD=2.1.6.1
FreeBSD FreeBSD=2.1.7.1
FreeBSD FreeBSD=2.2
FreeBSD FreeBSD=2.2.2
FreeBSD FreeBSD=2.2.3
FreeBSD FreeBSD=2.2.4
FreeBSD FreeBSD=2.2.5
FreeBSD FreeBSD=2.2.6
FreeBSD FreeBSD=2.2.8
FreeBSD FreeBSD=3.0
FreeBSD FreeBSD=3.0-releng
FreeBSD FreeBSD=3.1
FreeBSD FreeBSD=3.2
FreeBSD FreeBSD=3.3
FreeBSD FreeBSD=3.4
FreeBSD FreeBSD=3.5
FreeBSD FreeBSD=3.5-stable
FreeBSD FreeBSD=3.5.1
FreeBSD FreeBSD=3.5.1-release
FreeBSD FreeBSD=3.5.1-stable
FreeBSD FreeBSD=4.0
FreeBSD FreeBSD=4.0-alpha
FreeBSD FreeBSD=4.0-releng
FreeBSD FreeBSD=4.1
FreeBSD FreeBSD=4.1.1
FreeBSD FreeBSD=4.1.1-release
FreeBSD FreeBSD=4.1.1-stable
FreeBSD FreeBSD=4.2
FreeBSD FreeBSD=4.2-stable
FreeBSD FreeBSD=4.3
FreeBSD FreeBSD=4.3-release
FreeBSD FreeBSD=4.3-release_p38
FreeBSD FreeBSD=4.3-releng
FreeBSD FreeBSD=4.3-stable
FreeBSD FreeBSD=4.4
FreeBSD FreeBSD=4.4-release_p42
FreeBSD FreeBSD=4.4-releng
FreeBSD FreeBSD=4.4-stable
FreeBSD FreeBSD=4.5
FreeBSD FreeBSD=4.5-release
FreeBSD FreeBSD=4.5-release_p32
FreeBSD FreeBSD=4.5-releng
FreeBSD FreeBSD=4.5-stable
FreeBSD FreeBSD=4.6
FreeBSD FreeBSD=4.6-release
FreeBSD FreeBSD=4.6-release_p20
FreeBSD FreeBSD=4.6-releng
FreeBSD FreeBSD=4.6-stable
FreeBSD FreeBSD=4.6.2
FreeBSD FreeBSD=4.7
FreeBSD FreeBSD=4.7-release
FreeBSD FreeBSD=4.7-release_p17
FreeBSD FreeBSD=4.7-releng
FreeBSD FreeBSD=4.7-stable
FreeBSD FreeBSD=4.8
FreeBSD FreeBSD=4.8-pre-release
FreeBSD FreeBSD=4.8-release_p6
FreeBSD FreeBSD=4.8-releng
FreeBSD FreeBSD=4.9
FreeBSD FreeBSD=4.9-pre-release
FreeBSD FreeBSD=4.9-releng
FreeBSD FreeBSD=4.10
FreeBSD FreeBSD=4.10-release
FreeBSD FreeBSD=4.10-release_p8
FreeBSD FreeBSD=4.10-releng
FreeBSD FreeBSD=4.11-release_p3
FreeBSD FreeBSD=4.11-releng
FreeBSD FreeBSD=4.11-stable
FreeBSD FreeBSD=5.0
FreeBSD FreeBSD=5.0-alpha
FreeBSD FreeBSD=5.0-release_p14
FreeBSD FreeBSD=5.0-releng
FreeBSD FreeBSD=5.1
FreeBSD FreeBSD=5.1-alpha
FreeBSD FreeBSD=5.1-release
FreeBSD FreeBSD=5.1-release_p5
FreeBSD FreeBSD=5.1-releng
FreeBSD FreeBSD=5.2
FreeBSD FreeBSD=5.2.1-release
FreeBSD FreeBSD=5.2.1-releng
FreeBSD FreeBSD=5.3
FreeBSD FreeBSD=5.3-release
FreeBSD FreeBSD=5.3-releng
FreeBSD FreeBSD=5.3-stable
FreeBSD FreeBSD=5.4-pre-release
FreeBSD FreeBSD=5.4-release
Microsoft Windows 2000
Microsoft Windows 2000=sp1
Microsoft Windows 2000=sp2
Microsoft Windows 2000=sp3
Microsoft Windows 2000=sp4
Microsoft Windows 2003 Server=enterprise
Microsoft Windows 2003 Server=enterprise_64-bit
Microsoft Windows 2003 Server=r2
Microsoft Windows 2003 Server=r2
Microsoft Windows 2003 Server=standard
Microsoft Windows 2003 Server=standard_64-bit
Microsoft Windows 2003 Server=web
Microsoft Windows XP
Microsoft Windows XP
Microsoft Windows XP
Microsoft Windows XP
Microsoft Windows XP=gold
Microsoft Windows XP=sp1
Microsoft Windows XP=sp1
Microsoft Windows XP=sp1
Microsoft Windows XP=sp1
Microsoft Windows XP=sp2
OpenBSD=3.0
OpenBSD=3.1
OpenBSD=3.2
OpenBSD=3.3
OpenBSD=3.4
OpenBSD=3.5
OpenBSD=3.6
Alaxala Networks=ax5400s
Alaxala Networks=ax7800r
Alaxala Networks=ax7800s

Remedy

http://secunia.com/advisories/15417/

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2005-0356?

    The severity of CVE-2005-0356 is classified as high due to its potential to cause a denial of service.

  • How do I fix CVE-2005-0356?

    To fix CVE-2005-0356, ensure that your TCP implementation is updated to a version that mitigates this vulnerability.

  • What systems are affected by CVE-2005-0356?

    CVE-2005-0356 affects various Cisco products, including Cisco Secure Access Control Server and Cisco MGX series.

  • Can CVE-2005-0356 be exploited remotely?

    Yes, CVE-2005-0356 can be exploited remotely by sending spoofed packets with large timer values.

  • What impact does CVE-2005-0356 have on network performance?

    CVE-2005-0356 can lead to connection loss and significant degradation of network performance.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203