| VID |
13003 |
| Severity |
20 |
| Port |
|
| Protocol |
IP |
| Class |
Protocol |
| Detailed Description |
The host uses non-random IP IDs, that is, it is possible to predict the next value of the ip_id field of the ip packets sent by the host.
The id field of an IP packet on this host increments by one unit each time a packet is sent, and an attacker can guess the number of packets sent by the host during a certain time interval. The attacker may use this feature to determine if the host sent a packet in reply to another request. This may be used for stealth port-scanning such as idlescan or ipidscan, and other things.
* References:
http://www.securiteam.com/tools/3G5PWR5QAM.html |
| Recommendation |
Contact your vendor for a patch |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
