Predictable Hash Vulnerability in SynAttackProtect in Microsoft Windows 2003 and Windows 2000
CVE-2005-3945 · HIGH Severity
AV:N/AC:L/AU:N/C:N/I:N/A:C
The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups.
Learn more about our Web Application Penetration Testing UK.