[ale] TCP Sequence Number Approximation Vulnerability
Derek Atkins
warlord at MIT.EDU
Wed Mar 16 10:40:04 EDT 2011
Chris Fowler <cfowler at outpostsentinel.com> writes:
> A security scan on a device running 2.4.24 came up with 'TCP Sequence
> Number Approximation Vulnerability'. Is this fixed in a later kernel.
I'm pretty sure that yes, this was long since been fixed, like years and
years and years ago.
Why are you still running 2.4.x?
> I've googled and am confused. Most posts say it does not matter but I
> do not control the bank running the scanning tool that is spewing FUD.
Basically it will allow an attacker to guess your TCP Sequence Number
and forge a TCP connection, or possibly intercept your existing one.
> Thanks,
> Chris
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the Ale
mailing list