CVE-2004-2095

Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://marc.info/?l=bugtraq&m=107471181426047&w=2
http://marc.info/?l=bugtraq&m=107473095118505&w=2
http://secunia.com/advisories/10694
http://secunia.com/advisories/10695
http://www.osvdb.org/3690
http://www.securityfocus.com/bid/9464
http://www.securitytracker.com/id?1008818
https://exchange.xforce.ibmcloud.com/vulnerabilities/14905

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:niels_provos:honeyd:0.5:::::::*
	cpe:2.3:a:niels_provos:honeyd:0.6:::::::*
	cpe:2.3:a:niels_provos:honeyd:0.6a:::::::*
	cpe:2.3:a:niels_provos:honeyd:0.7:::::::*
	cpe:2.3:a:niels_provos:honeyd:0.7a:::::::*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2017-07-11 01:31

NVD link : CVE-2004-2095

Mitre link : CVE-2004-2095

CVE.ORG link : CVE-2004-2095

JSON object : View

Products Affected

niels_provos

honeyd

CWE

NVD-CWE-Other

{"id": "CVE-2004-2095", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=107471181426047&w=2", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=107473095118505&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10694", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/10695", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/3690", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/9464", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1008818", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14905", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd."}], "lastModified": "2017-07-11T01:31:37.733", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:niels_provos:honeyd:0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BAB9CCB-EA5A-4AF6-A6B0-2AEF29AD2BEC"}, {"criteria": "cpe:2.3:a:niels_provos:honeyd:0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C658CB38-C14B-417C-A4B5-7E62A70F4478"}, {"criteria": "cpe:2.3:a:niels_provos:honeyd:0.6a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0682334-D4EE-4272-9DDA-E8462113C25A"}, {"criteria": "cpe:2.3:a:niels_provos:honeyd:0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C2A952A-F3E4-4397-9B78-4B473E354E62"}, {"criteria": "cpe:2.3:a:niels_provos:honeyd:0.7a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "671D3D8D-D731-4A9C-9FF5-7EC49D706574"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}