Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote operating system can be identified based on its UDP
implementation.

Description :

The remote host appears to be run a version of the Linux kernel that
sends UDP responses in which the IP identification field is constant and
equal to zero (0).

With this information, an attacker could mount further, more targeted
attacks against this host.

Note that RedHat does not consider this a security issue as there are
many ways to identify or fingerprint a Linux host.

See also :

http://archives.neohapsis.com/archives/bugtraq/2002-03/0225.html
http://www.redhat.com/security/data/cve/CVE-2002-0510.html

Solution :

n/a

Risk factor :

None

Family: General

Nessus Plugin ID: 17841 ()

Bugtraq ID: 4314

CVE ID: CVE-2002-0510

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial