9.4 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
67.0%
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. (CVE-2002-0510)
Impact
There is no impact; F5 products are not affected by this vulnerability, and F5 does not consider this to be a security issue. There are many ways to identify or fingerprint a system running Linux and various techniques may be used to disguise the operating system. For examples of how to block operating system fingerprinting, refer to A practical approach to defeating Nmap OS-Fingerprinting.
Note: This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.
CPE | Name | Operator | Version |
---|---|---|---|
big-ip afm | eq | 11.3.0 | |
big-ip afm | eq | 11.4.0 | |
big-ip afm | eq | 11.4.1 | |
big-ip afm | eq | 11.5.0 | |
big-ip afm | eq | 11.5.1 | |
big-ip afm | eq | 11.5.2 | |
big-ip afm | eq | 11.5.3 | |
big-ip afm | eq | 11.5.4 | |
big-ip afm | eq | 11.5.5 | |
big-ip afm | eq | 11.6.0 |