5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.032 Low
EPSS
Percentile
91.1%
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16
increments the IP ID field when sending a RST after receiving unsolicited
TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan
(nmap -sI) attack, which bypasses intended protections against such
attacks.