CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1379 matches found

Cvelist•added 2001/05/07 4:0 a.m.•29 views

CVE-2001-0288

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers ISNs, which allows remote attackers to spoof or hijack TCP connections...

7.5AI score0.03983EPSS

Exploits0References1

CVE•added 2001/05/07 4:0 a.m.•74 views

CVE-2001-0288

CVE-2001-0288 pertains to Cisco IOS devices (notably switches/routers running IOS 12.1 and earlier) where TCP Initial Sequence Numbers (ISNs) are predictable. The ISN predictability enables remote attackers to spoof or hijack TCP connections, with impact described as partial confidentiality, inte...

7.5CVSS7.5AI score0.03983EPSS

Exploits0References1Affected Software1

NVD•added 2001/05/03 4:0 a.m.•18 views

CVE-2001-0288

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers ISNs, which allows remote attackers to spoof or hijack TCP connections...

7.5CVSS6.6AI score0.03983EPSS

Exploits0References1

securityvulns•added 2001/05/03 12:0 a.m.•739 views

Advisory CA-2001-09

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-09 Statistical Weaknesses in TCP/IP Initial Sequence Numbers Original release date: May 01, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems using TCP stacks...

7.5CVSS7.9AI score0.28624EPSS

Exploits1

CERT•added 2001/03/13 12:0 a.m.•100 views

Multiple TCP/IP implementations may use statistically predictable initial sequence numbers

Overview Attacks against TCP initial sequence number generation have been discussed for some time now. It has long been recognized that the ability to know or predict ISNs can lead to TCP connection hijacking or spoofing. What was not previously illustrated was just how predictable one...

7.4AI score

Exploits0References20

securityvulns•added 2001/03/03 12:0 a.m.•35 views

Cisco Security Advisory: Cisco IOS Software TCP Initial Sequence NumberRandomization Improvements

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Cisco IOS Software TCP Initial Sequence Number Randomization Improvements Revision 1.0: INTERIM For Public Release 2001 February 28 18:00 US/Pacific UTC+0800 ------------------------------------------------------------------------ Summar...

6.7AI score

Exploits0

Cvelist•added 2001/01/22 5:0 a.m.•22 views

CVE-2000-0542

Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information when a user fails the initial login authentication but subsequently succeeds...

6.6AI score0.00556EPSS

Exploits0References3

NVD•added 2001/01/01 5:0 a.m.•23 views

CVE-2001-0162

WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers ISNs, which allows remote attackers to spoof or hijack TCP connections...

7.5CVSS6.7AI score0.07309EPSS

Exploits1References1

NVD•added 2001/01/01 5:0 a.m.•14 views

CVE-2001-0163

Cisco AP340 base station produces predictable TCP Initial Sequence Numbers ISNs, which allows remote attackers to spoof or hijack TCP connections...

4.6CVSS6.7AI score0.00494EPSS

Exploits1References1

Positive Technologies•added 2001/01/01 12:0 a.m.•3 views

PT-2001-1393 · Microsoft · Wince

Name of the Vulnerable Software and Affected Versions: WinCE version 3.0.9348 Description: The issue allows remote attackers to spoof or hijack TCP connections due to the generation of predictable TCP Initial Sequence Numbers ISNs. Recommendations: For WinCE version 3.0.9348, at the moment, there...

7.5CVSS7.5AI score0.07309EPSS

Exploits1References4

Positive Technologies•added 2000/01/21 12:0 a.m.•2 views

PT-2000-1082 · Red Hat · Red Hat

Name of the Vulnerable Software and Affected Versions: Red Hat affected versions not specified Description: The issue is related to the use of DES password encryption with crypt for the initial password in Red Hat installations, instead of using md5 encryption. Recommendations: At the moment, the...

10CVSS6.4AI score0.00251EPSS

Exploits0References2

NVD•added 1999/12/31 5:0 a.m.•12 views

CVE-1999-1233

IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability...

7.5CVSS6.5AI score0.10312EPSS

Exploits1References4

Exploit DB•added 1999/09/27 12:0 a.m.•132 views

Linux Kernel 2.2 - Predictable TCP Initial Sequence Number

source: https://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls. The function 'securetcpsequencenumber'...

7.4AI score

Exploits0

exploitpack•added 1999/09/27 12:0 a.m.•14 views

Linux Kernel 2.2 - Predictable TCP Initial Sequence Number

Linux Kernel 2.2 - Predictable TCP Initial Sequence Number source: https://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP...

0.4AI score

Exploits0

NVD•added 1999/08/24 4:0 a.m.•19 views

CVE-2000-0328

Windows NT 4.0 generates predictable random TCP initial sequence numbers ISN, which allows remote attackers to perform spoofing and session hijacking...

5CVSS6.7AI score0.2262EPSS

Exploits0References3

NVD•added 1998/04/07 4:0 a.m.•9 views

CVE-1999-1505

Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service crash and possibly execute arbitrary commands via a long initial connect packet...

7.5CVSS0.01226EPSS

Exploits0References2