Bug 954947 (CVE-2001-0328) - VUL-1: CVE-2001-0328: kernel: random increments for TCP initial sequence numbers
Summary: VUL-1: CVE-2001-0328: kernel: random increments for TCP initial sequence numbers
Status: RESOLVED UPSTREAM
Alias: CVE-2001-0328
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-11-13 12:20 UTC by Marcus Meissner
Modified: 2015-11-13 12:21 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2015-11-13 12:20:48 UTC 
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.

ftp://patches.sgi.com/support/free/security/advisories/20030201-01-P

http://www.cert.org/advisories/CA-2001-09.html CA-2001-09

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4922 
oval:org.mitre.oval:def:4922

http://secunia.com/advisories/8044
http://securityreason.com/securityalert/57
Comment 1 Marcus Meissner 2015-11-13 12:21:59 UTC 
http://www.cert.org/historical/advisories/CA-2001-09.cfm  has this statement:


Linux

The Linux kernel has used a variant of RFC1948 by default since 1996. Please see:
 

    http://lxr.linux.no/source/drivers/char/ChangeLog#L258
    http://lxr.linux.no/source/drivers/char/random.c#L1855 


so it is fixed since 1996 (20 years).