Is CVE-2004-0230 a security threat for SpanVA
search cancel

Is CVE-2004-0230 a security threat for SpanVA


Article ID: 246595


Updated On:


CASB Audit CASB Security Advanced CASB Security Premium CASB Security Standard


You would like to know if CASB SpanVA is vulnerable to CVE- 2004-0230.




Broadcom Security Engineering reviewed this issue and has determined that this is not a security threat to the SpanVA appliances for the following reasons:

Modern operating systems like Amazon Linux use a random sequence number, which is difficult to guess, and hence crafting an RST packet is not easy,

Port 80/TCP on which the issue was flagged is not a "long lived" connection, and an attacker has no chance to guess the RST packet sequence number,

This reset functionality is a part of the TCP/IP protocol, and in the case of SpanVA, it will reset the connection (if it ever happens). This is normal behavior and not a security threat.


There is nothing that  Broadcom can do to remedy the situation.  Any fixes, if at all, must come from Amazon Linux for the TCP/IP network stack.