Candidate: CVE-2004-0790
References: 
 MISC:http://www.watersprings.org/pub/id/draft-gont-tcpm-icmp-attacks-03.txt
 MISC:http://www.uniras.gov.uk/niscc/docs/al-20050412-00308.html?lang=en
 MISC:http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
 HP:HPSBTU01210
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
 HP:SSRT4743
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
 HP:SSRT4884
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112861397904255&w=2
 MS:MS05-019
 URL:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx
 SUNALERT:57746
 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57746-1
 OVAL:OVAL3458
 URL:http://oval.mitre.org/oval/definitions/data/oval3458.html
 OVAL:OVAL1910
 URL:http://oval.mitre.org/oval/definitions/data/oval1910.html
 OVAL:OVAL4804
 URL:http://oval.mitre.org/oval/definitions/data/oval4804.html
Description: 
 Multiple TCP/IP and ICMP implementations allow remote attackers to cause a
 denial of service (reset TCP connections) via spoofed ICMP error messages, aka
 the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and
 CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065,
 CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that
 are SPLIT based on the underlying vulnerability. While CVE normally SPLITs
 based on vulnerability, the attack-based identifiers exist due to the variety
 and number of affected implementations and solutions that address the attacks
 instead of the underlying vulnerabilities.
Notes: 
Bugs: 305655 305664
upstream: 
linux-2.6: 
2.6.8-sarge-security: released (2.6.8-16) [net-ipv4-icmp-quench.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [164_net-ipv4-icmp-quench.diff]
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: 
2.4.18-woody-security-hppa: