https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/417664#M1210 <P>Hi All,</P><P>&nbsp;</P><P>CVE-2004-0230 does not seem to show up in the Palo Alto Networks threat database, but the below KB article seems to indicate that PAN have introduced threat mitigation for this CVE in PAN-OS 6.0.</P><P>&nbsp;</P><P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CllyCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CllyCAC</A></P><P>&nbsp;</P><P>I am wondering if this is an error in the PA threat database? or if mitigation for this threat has been removed from the PAN OS (which I believe unlikely)?</P><P>&nbsp;</P><P>Can anyone shed any light on this issue?</P><P>&nbsp;</P><P>Thanks in advance.</P> Thu, 08 Jul 2021 00:49:31 GMT Ben-Price 2021-07-08T00:49:31Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/417664#M1210 <P>Hi All,</P><P>&nbsp;</P><P>CVE-2004-0230 does not seem to show up in the Palo Alto Networks threat database, but the below KB article seems to indicate that PAN have introduced threat mitigation for this CVE in PAN-OS 6.0.</P><P>&nbsp;</P><P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CllyCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CllyCAC</A></P><P>&nbsp;</P><P>I am wondering if this is an error in the PA threat database? or if mitigation for this threat has been removed from the PAN OS (which I believe unlikely)?</P><P>&nbsp;</P><P>Can anyone shed any light on this issue?</P><P>&nbsp;</P><P>Thanks in advance.</P> Thu, 08 Jul 2021 00:49:31 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/417664#M1210 Ben-Price 2021-07-08T00:49:31Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/418004#M1217 <P>Can anyone assist with this question? Maybe&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/43480">@BPry</a>&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/7608">@reaper</a>&nbsp;could possibly comment.</P> Fri, 09 Jul 2021 04:58:46 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/418004#M1217 Ben-Price 2021-07-09T04:58:46Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/418102#M1221 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/181759">@Ben-Price</a>,</P><P>I believe the mitigation that the article is talking about was actually PAN fixing the vulnerability within PAN-OS itself and not in direct relation to a threat signature being added to identify the traffic. Just as an FYI though, threat signatures&nbsp;<EM>are&nbsp;</EM>retired and they don't just stick around forever.&nbsp;</P> Fri, 09 Jul 2021 13:48:16 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/418102#M1221 BPry 2021-07-09T13:48:16Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/418492#M1225 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/43480">@BPry</a>&nbsp;OK thanks for that info. A few questions:<BR />So protection from this threat is built into the PAN OS and no need to configure an action within a Vulnerability profile then?<BR /><BR /></P> Sun, 11 Jul 2021 23:29:19 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/cve-2004-0230-guessing-tcp-sequence-numbers-and-injecting-rst/m-p/418492#M1225 Ben-Price 2021-07-11T23:29:19Z