CVE-2001-0328

Published: 27/06/2001 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote malicious users to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.

Vendor Advisories

Cisco IOS® Software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers. This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminate on the affected Cisco device itself; ...

Exploits

source: www.securityfocus.com/bid/670/info

A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions, bypassing some types of IP based access controls. The function 'secure_tcp_sequence_number' in the file 'drivers/char/random.c' at line 1684 ...