Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability

1999-09-27T00:00:00
ID EDB-ID:19522
Type exploitdb
Reporter Stealth and S. Krahmer
Modified 1999-09-27T00:00:00

Description

Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability. CVE-1999-0077 ,CVE-2000-0916,CVE-2001-0162,CVE-2001-0163,CVE-2001-0288,CVE-2001-0328...

                                        
                                            source: http://www.securityfocus.com/bid/670/info

A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls.

The function 'secure_tcp_sequence_number' in the file 'drivers/char/random.c' at line 1684 is used to generate the initial sequence number. It used the MD4 hash with a set of inputs to generate the new ISN. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19522.tar.gz