OSVDB ID: 151

Title: TCP/IP IP ID Field Prediction

Info

Dates

Disclosure: Mar 15, 1999

Discovery: Unknown

Exploit: Unknown

Solution: Unknown

Description

This host's TCP/IP stack responds with a predictable IP ID field, allowing an attacker to determine how many packets this machine is sending out. In addition, this host can be used to perform blind port scanning of another host. By spoofing a port scan from this host to a target host, and then continuously polling the IP ID of this system, an attacker can determine which ports are open on the target host. If you are not performing ingress filtering on your gateway devices, this vulnerability could be used to determine hosts and network segments this host has access to.
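
For checking a host you administer, the following added example (not part of the OSVDB entry) classifies IP ID values already read from a capture of that host's outbound packets as constant, incremental, or not incremental. The function name, the `MAX_STEP` threshold and the sample values are assumptions constructed for illustration; the byte-swapped check goes slightly beyond the entry to cover stacks that keep the counter in host byte order.

```python
"""Classify a host's IP ID behaviour from values already captured,
for example read from a pcap of the host's own outbound packets."""

MAX_STEP = 10  # assumed threshold: largest per-packet step still treated as a counter


def classify_ipid(ids, max_step=MAX_STEP):
    """Return 'constant', 'incremental' or 'not-incremental'.

    ids: IP ID values (0..65535) in capture order, all sent by one host.
    'incremental' is the predictable behaviour the entry describes.
    """
    if len(ids) < 3:
        raise ValueError("need at least 3 samples")
    if any(not 0 <= v <= 0xFFFF for v in ids):
        raise ValueError("IP ID is a 16-bit field")

    def deltas(seq):
        # Differences modulo 2^16, so a counter wrapping 65535 -> 0 still counts.
        return [(b - a) & 0xFFFF for a, b in zip(seq, seq[1:])]

    direct = deltas(ids)
    if all(d == 0 for d in direct):
        return "constant"
    # A counter kept in host byte order appears on the wire stepping by 256,
    # so also test the byte-swapped values.
    swapped = deltas([((v & 0xFF) << 8) | (v >> 8) for v in ids])
    for ds in (direct, swapped):
        if all(1 <= d <= max_step for d in ds):
            return "incremental"
    return "not-incremental"


if __name__ == "__main__":
    # Constructed sample sequences, not taken from a real capture.
    samples = {
        "wrapping counter": [65533, 65534, 0, 3],
        "byte-swapped counter": [0x0100, 0x0200, 0x0300, 0x0500],
        "no visible pattern": [40211, 1187, 59002, 23310],
        "always zero": [0, 0, 0],
    }
    for name, ids in samples.items():
        print(f"{name}: {classify_ipid(ids)}")
```

A host that classifies as `incremental` exposes its outbound packet count to anyone who can elicit replies from it, which is the condition the description relies on.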

Classification

Exploit: Exploit Public

Solution: Unknown or Incomplete

Products

Unknown or Incomplete

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/151