VDB
CVE-2005-3774
CVE-2005-3774
PUBLISHED
CVSS 5 MEDIUM
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
EPSS 35.14% · 97.1th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
35.14%
97.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | pix | 6.3, 7.0 |
| n/a | n/a | n/a |
Timeline
- Nov 22, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 4, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 13, 2023 EPSS Score
References
- 1015256 vdb
- cisco-pix-ttl-dos(25079) vdb
- cisco-pix-tcp-data-field-dos(25077) vdb
- 24140 vdb
- 15525 vdb
- http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html url
- 20051122 Cisco PIX TCP Connection Prevention mailing-list
- 20060307 Cisco PIX embryonic state machine 1b data DoS mailing-list
- 20051128 Response to Cisco PIX TCP Connection Prevention vendor-advisory
- 20060307 Cisco PIX embryonic state machine TTL(n-1) DoS mailing-list
- VU#853540 third-party-advisory
- 17670 third-party-advisory
- 20060307 RE: Cisco PIX embryonic state machine 1b data DoS mailing-list
- ADV-2005-2546 vdb
- 20051122 Cisco PIX TCP Connection Prevention mailing-list
- 20051122 Cisco PIX TCP Connection Prevention mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2005-3774 advisory