The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
From 神龙GPT (AIGC)
TCP的原始设计不需要随机分配端口号(也称为“端口随机化”)，这使得攻击者更容易伪造特定TCP连接的ICMP错误消息并导致拒绝服务，例如使用(1)盲连接重置攻击伪造“目标不可达”消息，(2)盲吞吐量降低攻击伪造“源阻塞”消息，或(3)盲吞吐量降低攻击伪造伪造的ICMP消息，导致路径最大传输单元(MTU)降低。注意：CVE-2004-0790,CVE-2004-0791和CVE-2004-1060根据不同类型的攻击进行了split;CVE-2005-0065,CVE-2005-0066,CVE-2005-0067和CVE-2005-0068是相关的 identifiers，根据潜在漏洞split。虽然CVE通常根据漏洞split，但基于攻击的 identifiers 存在，这是因为它们解决了攻击而不是潜在漏洞。