SecuritySpace - CVE-2015-3963

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-3963

Description: Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-3963
BugTraq ID: 75302
http://www.securityfocus.com/bid/75302
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01
https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A
http://www.securitytracker.com/id/1032730
http://www.securitytracker.com/id/1033181

CVE ID:	CVE-2015-3963
Description:	Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3963 BugTraq ID: 75302 http://www.securityfocus.com/bid/75302 https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01 https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A http://www.securitytracker.com/id/1032730 http://www.securitytracker.com/id/1033181