TCP/IP Initial Sequence Number (ISN) Reuse Weakness

This script is Copyright (C) 2002-2015 Tenable Network Security, Inc.

Synopsis :

The remote device seems to generate predictable TCP Initial Sequence

Description :

The remote host seems to generate Initial Sequence Numbers (ISN) in a weak
manner which seems to solely depend on the source and dest port of the TCP

An attacker may exploit this flaw to establish spoofed connections to the
remote host.

The Raptor Firewall and Novell NetWare are known to be vulnerable to this
flaw, although other network devices may be vulnerable as well.

See also :

Solution :

If you are using a Raptor Firewall, install the TCP security hotfix
described in Symantec's advisory. Otherwise, contact your vendor for
a patch.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : true

Family: General

Nessus Plugin ID: 11057 ()

Bugtraq ID: 5387

CVE ID: CVE-2002-1463