CVE-2005-3774
First published: Wed Nov 23 2005(Updated: )
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco PIX Firewall | =6.3 | |
| Cisco PIX Firewall | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html
- http://www.kb.cert.org/vuls/id/853540
- http://securitytracker.com/id?1015256
- http://secunia.com/advisories/17670
- http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml
- http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html
- http://www.securityfocus.com/bid/15525
- http://www.osvdb.org/24140
- http://www.vupen.com/english/advisories/2005/2546
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25079
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25077
- http://www.securityfocus.com/archive/1/427041/100/0/threaded
- http://www.securityfocus.com/archive/1/426991/100/0/threaded
- http://www.securityfocus.com/archive/1/426989/100/0/threaded
- http://www.securityfocus.com/archive/1/417458/30/0/threaded
Frequently Asked Questions
What is the severity of CVE-2005-3774?
CVE-2005-3774 is classified as a high-severity vulnerability due to its potential to cause a denial of service.
How do I fix CVE-2005-3774?
To fix CVE-2005-3774, upgrade to Cisco PIX versions 7.1 or above, which address this vulnerability.
What are the affected versions in CVE-2005-3774?
CVE-2005-3774 affects Cisco PIX versions 6.3 and 7.0.
What type of attack does CVE-2005-3774 enable?
CVE-2005-3774 enables remote attackers to block new connections by exploiting spoofed TCP packets.
What specific mechanism does CVE-2005-3774 use to cause a denial of service?
CVE-2005-3774 causes a denial of service by creating embryonic connections from malformed SYN packets.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/cisco
- canonical/cisco pix
- version/cisco pix/6.3
- version/cisco pix/7.0