Lucene search
+L

76 matches found

cve
cve
added 2020/03/05 8:56 a.m.57 views

CVE-2019-2317

CVE-2019-2317 is a vulnerability in Qualcomm Snapdragon components where the secret key used to generate the TCP Initial Sequence Number (ISN) in SYN packets can be brute-forced, enabling prediction of ISNs. Affected products include a wide range of Snapdragon platforms (Auto, Compute, Consumer I...

9.8CVSS9.2AI score0.00674EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/03/05 8:56 a.m.28 views

CVE-2019-2317

The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

9.4AI score0.00674EPSS
Exploits0References1
osv
osv
added 2018/11/01 1:29 p.m.6 views

CVE-2018-7356

All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number ISN reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections...

7.5CVSS5.8AI score0.00689EPSS
Exploits0References1
openvas
openvas
added 2013/04/22 12:0 a.m.1367 views

TCP/IP Predictable TCP Initial Sequence Number Vulnerability

The remote host has predictable TCP sequence numbers. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.30873EPSS
Exploits2References6
openvas
openvas
added 2009/05/05 12:0 a.m.41 views

HP-UX Update for ARPA Transport HPSBUX00205

Check for the Version of ARPA Transport OpenVAS Vulnerability Test HP-UX Update for ARPA Transport HPSBUX00205 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

5CVSS1.2AI score0.18125EPSS
Exploits0References2
openvas
openvas
added 2009/05/05 12:0 a.m.28 views

HP-UX Update for ARPA Transport HPSBUX00205

Check for the Version of ARPA Transport OpenVAS Vulnerability Test HP-UX Update for ARPA Transport HPSBUX00205 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

5CVSS1.1AI score0.18125EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/07/19 12:0 a.m.101 views

HPSBTU01210 SSRT4743, SSRT4884 rev.0 - HP Tru64 UNIX TCP/IP remote Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBTU01210 REVISION: 0 SSRT4743, SSRT4884 rev.0 - HP Tru64 UNIX TCP/IP remote Denial of Service DoS NOTICE: There are no restrictions for distribution of this Security Bulletin provided that it remains complete and intact. The...

5CVSS0.80675EPSS
Exploits10
nessus
nessus
added 2005/02/16 12:0 a.m.50 views

HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch

s700800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of ServiceDo...

5CVSS7.1AI score0.80675EPSS
Exploits10References7
nessus
nessus
added 2002/08/02 12:0 a.m.1581 views

TCP/IP Initial Sequence Number (ISN) Reuse Weakness

The remote host seems to generate Initial Sequence Numbers ISN in a weak manner which seems to solely depend on the source and dest port of the TCP packets. An attacker may exploit this flaw to establish spoofed connections to the remote host. The Raptor Firewall and Novell NetWare are known to b...

7.5CVSS7.3AI score0.06912EPSS
Exploits0References3
cvelist
cvelist
added 2001/09/12 4:0 a.m.17 views

CVE-1999-1150

Livingston Portmaster routers running ComOS use the same initial sequence number ISN for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions...

6.8AI score0.01362EPSS
Exploits0References2
nvd
nvd
added 2001/06/27 4:0 a.m.24 views

CVE-2001-0328

TCP implementations that use random increments for initial sequence numbers ISN can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN...

5CVSS6.5AI score0.18125EPSS
Exploits0References8
securityvulns
securityvulns
added 2001/05/03 12:0 a.m.745 views

Advisory CA-2001-09

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-09 Statistical Weaknesses in TCP/IP Initial Sequence Numbers Original release date: May 01, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems using TCP stacks...

7.5CVSS7.9AI score0.30873EPSS
Exploits1
cert
cert
added 2001/03/13 12:0 a.m.101 views

Multiple TCP/IP implementations may use statistically predictable initial sequence numbers

Overview Attacks against TCP initial sequence number generation have been discussed for some time now. It has long been recognized that the ability to know or predict ISNs can lead to TCP connection hijacking or spoofing. What was not previously illustrated was just how predictable one...

7.4AI score
Exploits0References20
securityvulns
securityvulns
added 2001/03/03 12:0 a.m.37 views

Cisco Security Advisory: Cisco IOS Software TCP Initial Sequence NumberRandomization Improvements

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Cisco IOS Software TCP Initial Sequence Number Randomization Improvements Revision 1.0: INTERIM For Public Release 2001 February 28 18:00 US/Pacific UTC+0800 ------------------------------------------------------------------------ Summar...

6.7AI score
Exploits0
exploitpack
exploitpack
added 1999/09/27 12:0 a.m.16 views

Linux Kernel 2.2 - Predictable TCP Initial Sequence Number

Linux Kernel 2.2 - Predictable TCP Initial Sequence Number source: https://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP...

0.4AI score
Exploits0
exploitdb
exploitdb
added 1999/09/27 12:0 a.m.134 views

Linux Kernel 2.2 - Predictable TCP Initial Sequence Number

source: https://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls. The function 'securetcpsequencenumber'...

7.4AI score
Exploits0
Rows per page
Query Builder