Large Window Size in TCP: A Vulnerability Exploiting Sequence Number Guessing for Denial of Service Attacks

Large Window Size in TCP: A Vulnerability Exploiting Sequence Number Guessing for Denial of Service Attacks

CVE-2004-0230 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Learn more about our Web Application Penetration Testing UK.