Lucene search
HistoryDec 19, 2000 - 5:00 a.m.
CVE-2000-0916
freebsd
tcp
sequence number
spoofing
vulnerability
nvd
cve-2000-0916
isn
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.6%
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections.
Affected configurations
Node
freebsdfreebsdMatch2.0
ORfreebsdfreebsdMatch3.0
ORfreebsdfreebsdMatch4.0
ORfreebsdfreebsdMatch4.1
ORfreebsdfreebsdMatch4.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | 2.0 |
| freebsd:freebsd | freebsd | eq | 3.0 |
| freebsd:freebsd | freebsd | eq | 4.0 |
| freebsd:freebsd | freebsd | eq | 4.1 |
| freebsd:freebsd | freebsd | eq | 4.1.1 |
Related
nvd
nvd
CVE-2000-0916
2000-12-19 05:00:00
cvelist
cvelist
CVE-2000-0916
2000-11-29 05:00:00
securityvulns
securityvulns
Advisory CA-2001-09
2001-05-03 00:00:00
nessus
nessus
TCP/IP Predictable ISN (Initial Sequence Number) Generation Weakness
2003-03-03 00:00:00
openvas
openvas
TCP/IP Predictable TCP Initial Sequence Number Vulnerability
2013-04-22 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.6%
Related for CVE-2000-0916