CVE-2001-0328
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/06/2001
Last modified:
03/04/2025
Description
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
References to Advisories, Solutions, and Tools
- ftp://patches.sgi.com/support/free/security/advisories/20030201-01-P
- http://secunia.com/advisories/8044
- http://securityreason.com/securityalert/57
- http://www.cert.org/advisories/CA-2001-09.html
- http://www.securityfocus.com/bid/2682
- http://www.securitytracker.com/id/1033181
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4922
- https://support.f5.com/csp/article/K19063943?utm_source=f5support&%3Butm_medium=RSS
- ftp://patches.sgi.com/support/free/security/advisories/20030201-01-P
- http://secunia.com/advisories/8044
- http://securityreason.com/securityalert/57
- http://www.cert.org/advisories/CA-2001-09.html
- http://www.securityfocus.com/bid/2682
- http://www.securitytracker.com/id/1033181
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4922
- https://support.f5.com/csp/article/K19063943?utm_source=f5support&%3Butm_medium=RSS