Lucene search
HistoryAug 17, 2005 - 4:00 a.m.
CVE-2003-1230
freebsd
syn cookies
vulnerability
remote attack
isn guessing
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.009 Low
EPSS
Percentile
82.8%
The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic.
Affected configurations
Node
freebsdfreebsdMatch4.5release
ORfreebsdfreebsdMatch4.6release
ORfreebsdfreebsdMatch4.7release
ORfreebsdfreebsdMatch4.7stable
ORfreebsdfreebsdMatch5.0release
Related
nvd
nvd
CVE-2003-1230
2003-12-31 05:00:00
cvelist
cvelist
CVE-2003-1230
2005-08-17 04:00:00
cisco
cisco
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
2001-03-01 02:00:00
openvas
openvas
TCP/IP Predictable TCP Initial Sequence Number Vulnerability
2013-04-22 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.009 Low
EPSS
Percentile
82.8%
Related for CVE-2003-1230