OSVDB ID: 151 Title: TCP/IP IP ID Field Prediction |
Info |
|
|
Dates |
||||
|
|
Description |
This host's TCP/IP stack responds with a predictable IP ID field, allowing an attacker to determine how many packets this machine is sending out. In addition, this host can be used to perform blind port scanning of another host. By spoofing a port scan from this host to a target host, and then continuously polling the IP ID of this system, an attacker can determine which ports are open on the target host. If you are not performing ingress filtering on your gateway devices, this vulnerability could be used to determine hosts and network segments this host has access to. |
Classification |
Exploit:
Exploit Public
|
Solution |
Unknown or Incomplete |
Products |
Unknown or Incomplete |
References |
|
Credit |
Unknown or Incomplete |