CVE-2005-0065
CVE-2005-0065 is a critical-severity vulnerability in Tcp with a CVSS 2.0 base score of 10.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Critical (CVSS 2.0 base score 10.0)
- EPSS exploit prediction: 2% (78th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Tcp
- Published:
- Last modified:
Description
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
Frequently asked questions
- What is CVE-2005-0065?
- The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
- How severe is CVE-2005-0065?
- CVE-2005-0065 has a CVSS 2.0 base score of 10.0, rated critical severity.
- Is CVE-2005-0065 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (78th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2005-0065?
- CVE-2005-0065 affects Tcp. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2005-0065?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
- When was CVE-2005-0065 published?
- CVE-2005-0065 was published on 2005-05-02 and last updated on 2026-06-16.
References
Affected products (1)
- cpe:2.3:a:tcp:tcp:*:*:*:*:*:*:*:*
More vulnerabilities in Tcp
- CVE-2005-3675 — High (CVSS 7.8): The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by…
- CVE-2005-0068 — Medium (CVSS 5.0): The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it…
- CVE-2005-0066 — Medium (CVSS 5.0): The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an…
- CVE-2005-0067 — Medium (CVSS 5.0): The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which…
- CVE-2004-1060 — Medium (CVSS 5.0): Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause…