FreeBSD 4.1.1 and previous versions, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote malicious users to spoof TCP connections.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 2.0 |
||
freebsd freebsd 4.0 |
||
freebsd freebsd 4.1 |
||
freebsd freebsd 4.1.1 |
||
freebsd freebsd 3.0 |