{"edition": 1, "title": "Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure", "bulletinFamily": "software", "published": "2002-03-19T00:00:00", "lastseen": "2017-04-28T13:20:04", "history": [], "modified": "2002-03-19T00:00:00", "reporter": "OSVDB", "hash": "c75197788d60a9a3bc46cb1ae551352ee6de11f8be5e3e334a5b8c675556fff7", "viewCount": 3, "href": "https://vulners.com/osvdb/OSVDB:9587", "description": "# No description provided by the source\n\n## References:\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-03/0225.html\nISS X-Force ID: 8588\n[CVE-2002-0510](https://vulners.com/cve/CVE-2002-0510)\nBugtraq ID: 4314\n", "affectedSoftware": [], "type": "osvdb", "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "4f17509fa83507bf6a76f1c0c39dafb1"}, {"key": "cvss", "hash": "a792e2393dff1e200b885c5245988f6f"}, {"key": "description", "hash": "29684a42b9ea9736975694634b88b871"}, {"key": "href", "hash": "ea992fb830c45824fe9adafd964a7f31"}, {"key": "modified", "hash": "3b12b26ded6abbbec67ef6b8d671bea1"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "3b12b26ded6abbbec67ef6b8d671bea1"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "cab78258baf72e31b5cf8de962669364"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "references": [], "objectVersion": "1.2", "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "vulnersScore": 5.0}, "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/", "score": 5.0}, "cvelist": ["CVE-2002-0510"], "id": "OSVDB:9587"}

{"cve": [{"lastseen": "2016-09-03T03:22:49", "references": ["http://www.securityfocus.com/bid/4314", "http://www.securityfocus.com/archive/1/262840", "http://www.iss.net/security_center/static/8588.php"], "description": "The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.", "edition": 1, "reporter": "NVD", "published": "2002-08-12T00:00:00", "title": "CVE-2002-0510", "type": "cve", "enchantments": {"score": {"modified": "2016-09-03T03:22:49", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2002-0510"], "scanner": [], "cpe": ["cpe:/o:linux:linux_kernel:2.4.9", "cpe:/o:linux:linux_kernel:2.4.11", "cpe:/o:linux:linux_kernel:2.4.5", "cpe:/o:linux:linux_kernel:2.4.14", "cpe:/o:linux:linux_kernel:2.4.8", "cpe:/o:linux:linux_kernel:2.4.7", "cpe:/o:linux:linux_kernel:2.4.2", "cpe:/o:linux:linux_kernel:2.4.18", "cpe:/o:linux:linux_kernel:2.4.16", "cpe:/o:linux:linux_kernel:2.4.4", "cpe:/o:linux:linux_kernel:2.4.12", "cpe:/o:linux:linux_kernel:2.4.13", "cpe:/o:linux:linux_kernel:2.4.0", "cpe:/o:linux:linux_kernel:2.4.6", "cpe:/o:linux:linux_kernel:2.4.10", "cpe:/o:linux:linux_kernel:2.4.3", "cpe:/o:linux:linux_kernel:2.4.17", "cpe:/o:linux:linux_kernel:2.4.1", "cpe:/o:linux:linux_kernel:2.4.15"], "modified": "2008-09-05T16:28:13", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0510", "id": "CVE-2002-0510", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "f5": [{"lastseen": "2018-03-15T00:53:27", "references": [], "description": "\nF5 Product Development has assigned ID 511059 to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the** Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP AAM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.4.0 - 11.6.3 | Not vulnerable | None \nBIG-IP AFM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 | Not vulnerable | None \nBIG-IP Analytics | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.0.0 - 11.6.3 | Not vulnerable | None \nBIG-IP APM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP ASM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP DNS | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 | Not vulnerable | None \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | None | 11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP Link Controller | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP PEM | None | 13.0.0 - 13.1.0 \n12.0.0 - 12.1.3 \n11.3.0 - 11.6.3 | Not vulnerable | None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0 | Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \niWorkflow | None | 2.0.0 - 2.3.0 | Not vulnerable | None \nLineRate | None | 2.2.0 - 2.5.0 \n1.6.0 - 1.6.4 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.1.0 \n3.3.2 - 3.5.1 | Not vulnerable | None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n", "edition": 1, "reporter": "f5", "published": "2015-04-20T19:33:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2002-0510", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2002-0510"], "modified": "2018-03-15T00:50:00", "href": "https://support.f5.com/csp/article/K16470", "id": "F5:K16470", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-03-19T09:01:46", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n", "reporter": "f5", "published": "2015-04-20T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SOL16470 - Linux kernel vulnerability CVE-2002-0510", "type": "f5", "bulletinFamily": "software", "cvelist": ["CVE-2002-0510"], "modified": "2015-04-20T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/400/sol16470.html", "id": "SOL16470", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2018-11-17T03:01:14", "references": ["https://seclists.org/bugtraq/2002/Mar/289", "https://access.redhat.com/security/cve/cve-2002-0510"], "pluginID": "17841", "description": "The remote host appears to be run a version of the Linux kernel that sends UDP responses in which the IP identification field is constant and equal to zero (0).\n\nWith this information, an attacker could mount further, more targeted attacks against this host.\n\nNote that RedHat does not consider this a security issue as there are many ways to identify or fingerprint a Linux host.", "edition": 8, "reporter": "Tenable", "published": "2012-01-20T00:00:00", "title": "Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-0510"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/o:linux:kernel"], "id": "LINUX24_UDP_ID0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=17841", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17841);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/15 20:50:22\");\n\n script_cve_id(\"CVE-2002-0510\");\n script_bugtraq_id(4314);\n\n script_name(english:\"Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure\");\n script_summary(english:\"Looks at id identification field in UDP responses\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote operating system can be identified based on its UDP\nimplementation.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host appears to be run a version of the Linux kernel that\nsends UDP responses in which the IP identification field is constant and\nequal to zero (0).\n\nWith this information, an attacker could mount further, more targeted\nattacks against this host.\n\nNote that RedHat does not consider this a security issue as there are\nmany ways to identify or fingerprint a Linux host.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/bugtraq/2002/Mar/289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-0510\"\n );\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_attribute(attribute:\"risk_factor\", value:\"None\" );\n\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2002-0510\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:linux:kernel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_require_keys(\"Settings/PCI_DSS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"snmp_func.inc\");\n\n\nif (!get_kb_item(\"Settings/PCI_DSS\")) audit(AUDIT_PCI);\n\n\n# nb: max number of requests to make. This should be great enough to\n# be reasonably sure we didn't get an id field of 0 by chance and\n# allow for some fragmented packets.\ntries = 5;\n\ncommunity = get_kb_item(\"SNMP/community\");\nif (community)\n{\n port = get_kb_item(\"SNMP/port\");\n if (!port) port = 161;\n if (get_udp_port_state(port))\n {\n soc = open_sock_udp(port);\n if (soc)\n {\n filter = \"src host \" + get_host_ip() + \" and src port \" + port + \" and dst port \" + get_source_port(soc) + \" and udp\";\n\n oid = \"1.3.6.1.2.1.1.1.0\";\n timeout = 2;\n\n seq = make_list(\n ber_put_oid (oid:oid),\n ber_put_null()\n );\n seq = make_list(ber_put_sequence(seq:seq));\n req = ber_put_int (i:snmp_request_id) + # Request Id\n ber_put_int (i:0) + # Error Status: NO ERROR (0)\n ber_put_int (i:0) + # Error Index (0)\n ber_put_sequence (seq:seq); # Object Identifier\n\n req = ber_put_int (i:SNMP_VERSION) + # version\n ber_put_octet_string (string:community) + # community string\n ber_put_get_pdu (pdu:req); # PDU type\n\n req = ber_put_sequence(seq:make_list(req));\n\n # Check several times\n count = 0;\n for (i=0; i<tries; i++)\n {\n send(socket:soc, data:req);\n res = send_capture(socket:soc, data:req, pcap_filter:filter);\n if (isnull(res)) break;\n\n # Look at non-fragmented packets.\n off = get_ip_element(ip:res, element:\"ip_off\");\n if ((off & (~0x4000)) == 0)\n {\n # Check the id.\n id = get_ip_element(ip:res, element:\"ip_id\");\n if (id == 0)\n {\n count++;\n if (count > 2)\n {\n security_note(port:port, proto:\"udp\");\n exit(0);\n }\n }\n else audit(AUDIT_HOST_NOT, 'affected');\n }\n }\n }\n }\n}\n\naudit(AUDIT_HOST_NOT, 'affected');\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}