3255 matches found
TCP/IP Predictable ISN (Initial Sequence Number) Generation Weakness
The remote host has predictable TCP sequence numbers. An attacker may use this flaw to establish spoofed TCP connections to this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10443; scriptversion"1.31"; scriptcvsdate"Date: 2019/03/06 18:38:55"; scriptcveid...
PT-2002-2656 · Pingtel · Pingtel Xpressa
Name of the Vulnerable Software and Affected Versions: Pingtel Xpressa versions 1.2.5 through 2.0.1 Description: The issue allows remote attackers to avoid registering with the SIP registrar by exploiting predictable values in a Session Identification Protocol SIP request, specifically the Call-I...
NetScreen multiple bugs
Predictable TCP initial sequence numbers, DoS...
Predictable TCP Initial Sequence Numbers
Title: NetScreen Security Alert 51897 Date: 25 November 2002 Description: Predictable TCP Initial Sequence Numbers Impact: Circumvention of Defined Security Policies Affected Products: All firewall/VPN appliances and systems Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0 Summar...
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 10.01.02 Sendmail smrsh bypass vulnerabilities DESCRIPTION It is possible for an attacker to bypass the restrictions imposed by The Sendmail Consortium’s Restricted Shell SMRSH and execute a binary of his choosing by inserti...
Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later
Hello, Over a year ago, I published a paper that attempted to analyze the randomness of PRNGs used in TCP/IP stacks on several operating systems. The approach I've chosen resulted in detecting some non-trivial dependencies in several generators, and some amusing 3D pictures. The original RAZOR...
Abyss Web Server 1.0 - Encoded Backslash Directory Traversal
source: https://www.securityfocus.com/bid/5547/info A directory traversal vulnerability has been reported for Abyss Web Server. The issue is related to the failure to properly process the backslash '', encoded as '%5c', character, which may be used as a directory delimiter under these platforms...
Security Advisory: Raptor Firewall Weak ISN Vulnerability
+==================================================================+ | Ubizen Security Advisory: Raptor Firewall Weak ISN Vulnerability | +==================================================================+ | [email protected] Friday August 02, 2002 |...
TCP/IP Initial Sequence Number (ISN) Reuse Weakness
The remote host seems to generate Initial Sequence Numbers ISN in a weak manner which seems to solely depend on the source and dest port of the TCP packets. An attacker may exploit this flaw to establish spoofed connections to the remote host. The Raptor Firewall and Novell NetWare are known to b...
CVE-2002-0197
Technical details (affected products, versions, vulnerabilities, exploitation) are not publicly provided in the connected documents. Monitor for updates.
AdvServer DoS
Title: AdvServer DoS Date: 21.06.02 Author: elab http://elaboration.8bit.co.uk Software: AdvServer Platform: Win32 Tested: Version 1.030000 Vendor: WWW: http://gamecheats.ws Contacted on: 30 May 02 Via: [email protected] && website Response: Within 2 days WARNING: This advisory has NOTHING to do...
Cisco IOS TCP Sequence Prediction Connection Hijacking (CSCds04747)
Cisco IOS Software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers. This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminat...
2 security problem Quantum SNAP server
2 security problem Quantum SNAP server Problem first discoverd:2001.8.10 Discoverd by: awacs@hawkeye Published: 2002.5.30 I had found 2 security problem on Quantum SNAP server. SNAP server is Network Area Strage server. Tested machine SNAPserver4100/160G Problem 1 : incleasing sequence number. I...
Few bugs in Quantum SNAP
Weak initial TCP sequence number generation, DoS...
CVE-2001-1104
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions...
CVE-2001-1104
SonicWALL SOHO is affected by CVE-2001-1104 due to predictable TCP Initial Sequence Numbers, enabling remote attackers to spoof/hijack sessions. The vulnerability affects the firewall component handling TCP connections; exploitation could allow session hijacking without user interaction. A remedi...
CVE-2001-0751
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers ISN, which allows remote attackers to spoof or hijack TCP connections...
Многочисленные дырки в Alcatel 4400 PBX (multiple bugs)
Пароли по-умолчанию, предсказуемые номера TCP-последовательности, слабые разрешения на файлы и т.д...
CVE-2001-0751
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers ISN, which allows remote attackers to spoof or hijack TCP connections...
CVE-1999-1150
Livingston Portmaster routers running ComOS use the same initial sequence number ISN for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions...