|
| TC: | 12039 | |
| Description: | When opening a connection on a port, an Initial Sequence Number (ISN) is given. If the ISN is the same for any connection, it makes it easy for an attacker to establish a connection spoofing a legitimate user. This could give access to services that should not be reachable by any outsider. | |
| TC Impact: | Attack |
| Vulnerability Publication: | N.A. | |
| Advisory Copyright: | N.A. | |
| Summary: | It is possible to spoof legitimate users to establish connections to your host. | |
| Risk: | High | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial | |
| CVSS 2.0 Base Score: | 7.5 |
| Vulnerability Impact: |
Attack |
|---|
| Host Impact: | An attacker can use a flaw in the TCP protocol to impersonate an authorized host and launch blind attacks. | |
| Nature of Remediation: | Update the software. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Upgrade Software ***** Check with your vendor for a newer TCP/IP stack. |
| References: | ||
| * XF: tcp-seq-predict http://xforce.iss.net/xforce/xfdb/139 * MISC: Defending Against Sequence Number Attacks: http://www.ietf.org/rfc/rfc1948.txt |
| CVE Link: |
CVE-1999-0077 |
 |
|---|
| Glossary: |
Spoofing TCP |
|---|