Test ID: 1.3.6.1.4.1.25623.1.0.10201
Category: General
Title: Relative IP Identification number change
Summary: The remote host uses non-random IP IDs, that is, it is possible to predict the next value of the ip_id field of the IP packets sent by this host.
Description:
Summary:
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of the IP packets sent by this host.

Vulnerability Impact:
An attacker may use this feature to determine traffic patterns
within your network. A few examples (not at all exhaustive) are:

1. A remote attacker can determine if the remote host sent a packet
in reply to another request. Specifically, an attacker can use your
server as an unwilling participant in a blind portscan of another
network.

2. A remote attacker can roughly determine server requests at certain
times of the day. For instance, if the server is sending much more
traffic after business hours, the server may be a reverse proxy or
other remote access device. An attacker can use this information to
concentrate his/her efforts on the more critical machines.

3. A remote attacker can roughly estimate the number of requests that
a web server processes over a period of time.

Solution:
Contact your vendor for a patch
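
To confirm the finding on a host you administer, or to verify a vendor fix, the ip_id values of packets it sent can be read from a capture and classified. The following is an added example, not the code of this test: the function names, the `max_step` bound and the sample values are assumptions made for illustration.

```python
import struct

def ip_id_from_header(pkt: bytes) -> int:
    """Return the 16-bit Identification field (bytes 4-5) of an IPv4 header."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return struct.unpack_from("!H", pkt, 4)[0]

def _deltas(ids, swap):
    """Successive differences modulo 2**16, optionally on byte-swapped values."""
    if swap:  # counter kept in host byte order on a little-endian machine
        ids = [((v & 0xFF) << 8) | (v >> 8) for v in ids]
    return [(b - a) & 0xFFFF for a, b in zip(ids, ids[1:])]

def classify_ip_ids(ids, max_step=256):
    """Classify IP IDs taken, in order, from packets one host sent.

    max_step is an assumed bound on packets the host sent to other peers
    between two samples; a larger jump is treated as not predictable.
    """
    if len(ids) < 4:
        raise ValueError("need at least 4 samples")
    if len(set(ids)) == 1:
        return "constant"
    fits = []
    for label, swap in (("incremental", False), ("incremental-byteswapped", True)):
        d = _deltas(ids, swap)
        if all(0 < x <= max_step for x in d):
            fits.append((max(d), label))  # prefer the reading with smaller steps
    return min(fits)[1] if fits else "not-predictable"

def _hdr(ip_id):
    """Constructed 20-byte IPv4 header (documentation addresses) for the demo."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, ip_id, 0, 64, 6, 0,
                       bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))

# Constructed samples, not captured traffic.
SAMPLES = {
    "wraps": [65533, 65534, 65535, 0, 1],
    "swapped": [0xFE00, 0xFF00, 0x0001, 0x0101],
    "zero": [0, 0, 0, 0],
    "random": [0x3A1C, 0x91F0, 0x0457, 0xC2BE, 0x6D03],
}

def run_samples():
    return {name: classify_ip_ids([ip_id_from_header(_hdr(i)) for i in ids])
            for name, ids in SAMPLES.items()}

if __name__ == "__main__":
    print(run_samples())
```

A result of "incremental" or "incremental-byteswapped" corresponds to the condition this test reports; "constant" and "not-predictable" do not.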

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:N/A:N

Copyright: Copyright (C) 1999 SecuriTeam

© 1998-2024 E-Soft Inc. All rights reserved.