NetScreen multiple bugs
Predictable TCP initial sequence numbers, DoS...
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities
iDEFENSE Security Advisory 10.01.02 Sendmail smrsh bypass vulnerabilities DESCRIPTION It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium’s Restricted Shell (SMRSH) and execute a binary of his choosing by inserti...
Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later
Hello, Over a year ago, I published a paper that attempted to analyze the randomness of PRNGs used in TCP/IP stacks on several operating systems. The approach I've chosen resulted in detecting some non-trivial dependencies in several generators, and some amusing 3D pictures. The original RAZOR...
Abyss Web Server 1.0 - Encoded Backslash Directory Traversal
source: https://www.securityfocus.com/bid/5547/info A directory traversal vulnerability has been reported for Abyss Web Server. The issue is related to the failure to properly process the backslash '\', encoded as '%5c', character, which may be used as a directory delimiter under these platforms...
Security Advisory: Raptor Firewall Weak ISN Vulnerability
+==================================================================+ | Ubizen Security Advisory: Raptor Firewall Weak ISN Vulnerability | +==================================================================+ | [email protected] Friday August 02, 2002 |...
TCP/IP Initial Sequence Number (ISN) Reuse Weakness
The remote host seems to generate Initial Sequence Numbers (ISN) in a weak manner which seems to solely depend on the source and dest port of the TCP packets. An attacker may exploit this flaw to establish spoofed connections to the remote host. The Raptor Firewall and Novell NetWare are known to b...
CVE-2002-0197
Technical details (affected products, versions, vulnerabilities, exploitation) are not publicly provided in the connected documents. Monitor for updates.
AdvServer DoS
Title: AdvServer DoS Date: 21.06.02 Author: elab http://elaboration.8bit.co.uk Software: AdvServer Platform: Win32 Tested: Version 1.030000 Vendor: WWW: http://gamecheats.ws Contacted on: 30 May 02 Via: [email protected] && website Response: Within 2 days WARNING: This advisory has NOTHING to do...
Cisco IOS TCP Sequence Prediction Connection Hijacking (CSCds04747)
Cisco IOS Software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers. This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminat...
Few bugs in Quantum SNAP
Weak initial TCP sequence number generation, DoS...
2 security problem Quantum SNAP server
2 security problem Quantum SNAP server Problem first discovered:2001.8.10 Discovered by: awacs@hawkeye Published: 2002.5.30 I had found 2 security problem on Quantum SNAP server. SNAP server is Network Area Storage server. Tested machine SNAPserver4100/160G Problem 1 : increasing sequence number. I...
CVE-2001-1104
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions...
CVE-2001-1104
SonicWALL SOHO is affected by CVE-2001-1104 due to predictable TCP Initial Sequence Numbers, enabling remote attackers to spoof/hijack sessions. The vulnerability affects the firewall component handling TCP connections; exploitation could allow session hijacking without user interaction. A remedi...
CVE-2001-0751
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections...
Multiple holes in Alcatel 4400 PBX (multiple bugs)
Default passwords, predictable TCP sequence numbers, weak file permissions, etc...
CVE-1999-1150
Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions...
CVE-1999-1442
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments...
Weak TCP Sequence Numbers in Sonicwall SOHO Firewall
This may not seem bad, but to me it seems that this defeats the point of NAT if somebody can steal your sessions. Note the section on TCP sequence prediction. This was a Sonicwall SOHO firewall. ======= Host 192.168.1.254 appears to be up ... good. Initiating SYN half-open stealth scan against...