ID CVE-2001-0328
Summary TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
References
Vulnerable Configurations
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability. CVE-1999-0077 ,CVE-2000-0916,CVE-2001-0162,CVE-2001-0163,CVE-2001-0288,CVE-2001-0328...
id EDB-ID:19522
last seen 2016-02-02
modified 1999-09-27
published 1999-09-27
reporter Stealth and S. Krahmer
source https://www.exploit-db.com/download/19522/
title Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability
nessus via4
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_26101.NASL
    description s700_800 11.04 (VVOS) cumulative ARPA Transport patch : TCP Initial Sequence Number (ISN) randomization specified in RFC 1948 is available for HP-UX. References: CVE-2001-0328, CERT CA-2001-09.
    last seen 2019-02-21
    modified 2013-04-20
    plugin id 16827
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16827
    title HP-UX PHNE_26101 : HP-UX Running ARPA Transport, Advisory, RFC 1948 ISN Randomization (HPSBUX00205 SSRT080009 rev.3)
  • NASL family CISCO
    NASL id CSCDS04747.NASL
    description Cisco IOS Software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers. This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device in transit between two other hosts. This vulnerability is documented as Cisco bug ID CSCds04747.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 10976
    published 2002-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=10976
    title Cisco IOS TCP Sequence Prediction Connection Hijacking (CSCds04747)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_26771.NASL
    description s700_800 11.00 cumulative ARPA Transport patch : TCP Initial Sequence Number (ISN) randomization specified in RFC 1948 is available for HP-UX. References: CVE-2001-0328, CERT CA-2001-09.
    last seen 2019-02-21
    modified 2013-04-20
    plugin id 16742
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16742
    title HP-UX PHNE_26771 : HP-UX Running ARPA Transport, Advisory, RFC 1948 ISN Randomization (HPSBUX00205 SSRT080009 rev.3)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_25644.NASL
    description s700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - An HP-UX 11.11 machine with TRANSPORT patches PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be exposed to a denial of service through the malicious use of the 'ndd' command. (HPSBUX00192 SSRT071390) - TCP Initial Sequence Number (ISN) randomization specified in RFC 1948 is available for HP-UX. References: CVE-2001-0328, CERT CA-2001-09. (HPSBUX00205 SSRT080009)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 16508
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16508
    title HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch
oval via4
accepted 2008-09-08T04:00:14.026-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
family ios
id oval:org.mitre.oval:def:4922
status accepted
submitted 2008-05-02T11:06:36.000-04:00
title Multiple Vendor TCP/IP stack Weak Initial Sequence Number Vulnerability
version 3
refmap via4
bid 2682
cert CA-2001-09
sectrack 1033181
secunia 8044
sgi 20030201-01-P
sreason 57
Last major update 28-11-2016 - 14:06
Published 27-06-2001 - 00:00
Last modified 18-10-2017 - 21:29
Back to Top