CVE-2007-2782 - Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allo

CVE-2007-2782

Summary

Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption.

References

http://osvdb.org/36226
http://secunia.com/advisories/25344
http://securityreason.com/securityalert/2726
http://www.securityfocus.com/archive/1/468972/100/0/threaded
http://www.securityfocus.com/bid/24048
http://www.vupen.com/english/advisories/2007/1891

Vulnerable Configurations

cpe:2.3:a:packeteer:packetshaper:7.3.0g2:*:*:*:*:*:*:*
cpe:2.3:a:packeteer:packetshaper:7.3.0g2:*:*:*:*:*:*:*
cpe:2.3:a:packeteer:packetshaper:7.5.0g1:*:*:*:*:*:*:*
cpe:2.3:a:packeteer:packetshaper:7.5.0g1:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 16-10-2018 - 16:45)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	24048
bugtraq	20070518 Predictable TCP ISN in Packeteer PacketShaper
osvdb	36226
secunia	25344
sreason	2726
vupen	ADV-2007-1891

Last major update

16-10-2018 - 16:45

Published

21-05-2007 - 23:30

Last modified

16-10-2018 - 16:45