• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20001128 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20001219)
Votes (Legacy)
ACCEPT(3) Baker, Cole, Renaud
MODIFY(1) Frech
NOOP(2) Magdych, Wall
REVIEWING(1) Christey
Comments (Legacy)
 Baker> Although this is at a high level, the fact is that it is a vulnerability, and as such we need to recognize this, even if we have to recast or modify the description at some later time.
 Christey> This needs to be commented on and reviewed by many Board
 Frech> XF:naptha-resource-starvation(5810)
 Christey> ADDREF SGI:20020304-01-A
 Christey> SGI:20020304-01-A

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.