- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19522
- Проверка EDB
-
- Пройдено
- Автор
- STEALTH & S. KRAHMER
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2004-0641 cve-2002-1463 cve-2001-1104 cve-2001-0751 cve-2001-0328 cve-2001-0288 cve-2001-0163 cve-2001-0162 cve-2000-0916 cve-1999-0077
- Дата публикации
- 1999-09-27
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number
Код:
source: https://www.securityfocus.com/bid/670/info
A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls.
The function 'secure_tcp_sequence_number' in the file 'drivers/char/random.c' at line 1684 is used to generate the initial sequence number. It used the MD4 hash with a set of inputs to generate the new ISN.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19522.tar.gz- Источник
- www.exploit-db.com
