Severity Rating: HIGH
Software Affected
• FortiAnalyzer 6.2.3 and below
• FortiManager 6.2.3 and below
Overview
A vulnerability has been reported in TCP implementations that could allow an
attacker to reset TCP sessions and approximate TCP sequence numbers.
Description
A vulnerability exists in TCP implementations that could allow a remote
attacker to inject a SYN or RST packet into the session, causing it to be
reset and effectively allowing denial-of-service attacks. An attacker could
exploit this vulnerability by guessing sequence numbers, causing a denial
of service to persistent TCP connections by repeatedly injecting a TCP RST
packet, especially in protocols that use long-lived connections, such as
Border Gateway Protocol (BGP).
Successful exploitation of this vulnerability could allow the attacker to
cause a denial of service (DoS) condition.
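The receiver-side check behind this issue, as an added example (not code from the advisory or from Fortinet): the RFC 793 rule resets on any RST inside the receive window, while the RFC 5961 section 3 rule, assumed here as the hardened form, resets only on an exact match with the next expected sequence number. Function names, enum names and the sample values in main() are hypothetical and constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* What the receiver does with an incoming RST on an established connection. */
enum rst_action { RST_DROP, RST_RESET, RST_CHALLENGE_ACK };

/* In-window test in modulo-2^32 arithmetic, so it survives sequence wraparound.
 * With a zero window only seq == rcv_nxt is acceptable (RFC 793). */
static int in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (rcv_wnd == 0)
        return seq == rcv_nxt;
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* RFC 793 rule: a RST anywhere in the window resets the connection, so a
 * sender only has to approximate the sequence number. */
enum rst_action rst_check_rfc793(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return in_window(seq, rcv_nxt, rcv_wnd) ? RST_RESET : RST_DROP;
}

/* RFC 5961 section 3 rule: reset only when seq == rcv_nxt exactly; any other
 * in-window RST is answered with a challenge ACK and the connection stays up. */
enum rst_action rst_check_rfc5961(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (!in_window(seq, rcv_nxt, rcv_wnd))
        return RST_DROP;
    return seq == rcv_nxt ? RST_RESET : RST_CHALLENGE_ACK;
}

int main(void)
{
    static const char *name[] = { "drop", "reset", "challenge-ack" };
    /* Constructed receiver state and RST sequence numbers. */
    const uint32_t rcv_nxt = 1000, rcv_wnd = 65535;
    const uint32_t seqs[] = { 999, 1000, 6000, 70000 };

    for (unsigned i = 0; i < sizeof seqs / sizeof seqs[0]; i++)
        printf("seq=%u rfc793=%s rfc5961=%s\n", (unsigned)seqs[i],
               name[rst_check_rfc793(seqs[i], rcv_nxt, rcv_wnd)],
               name[rst_check_rfc5961(seqs[i], rcv_nxt, rcv_wnd)]);
    return 0;
}
```
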
Solution
Apply appropriate updates as mentioned in:
Vendor Information
FORTINET
References
FORTINET
CVE Name
CVE-2004-0230