Symantec Multiple Firewall Predictable TCP ISN Generation

2002-08-02T00:00:00
ID OSVDB:855
Type osvdb
Reporter Kristof Philipsen(kristof.philipsen@ubizen.com)
Modified 2002-08-02T00:00:00

Description

Vulnerability Description

Symantec Firewalls have a flaw that allows a remote attacker to easily predict the TCP sequence numbers. This allows an attacker to more easily spoof packets to appear to come from a trusted host or attempt session hijacking.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability.

Short Description

Symantec Firewalls have a flaw that allows a remote attacker to easily predict the TCP sequence numbers. This allows an attacker to more easily spoof packets to appear to come from a trusted host or attempt session hijacking.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html Keyword: Axent ISS X-Force ID: 12836 CVE-2002-1463 Bugtraq ID: 5387