CVE-2008-1147 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-1147
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1147

Description: A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/40329 http://xforce.iss.net/xforce/xfdb/41155 SAID Secunia Advisory: SA28819 MISC http://www.securiteam.com/securityreviews/5PP0H0UNGW.html http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf CONFIRM http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10;contenttype= BUGTRAQ http://seclists.org/bugtraq/2008/Feb/0063.html http://seclists.org/bugtraq/2008/Feb/0052.html http://www.securityfocus.com/archive/1/487658 BID 27647

Return to the previous page.