Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote operating system can be identified based on its UDP
implementation.

Description :

The remote host appears to be run a version of the Linux kernel that
sends UDP responses in which the IP identification field is constant and
equal to zero (0).

With this information, an attacker could mount further, more targeted
attacks against this host.

Note that RedHat does not consider this a security issue as there are
many ways to identify or fingerprint a Linux host.

See also :

http://archives.neohapsis.com/archives/bugtraq/2002-03/0225.html
http://www.redhat.com/security/data/cve/CVE-2002-0510.html

Solution :

n/a

Risk factor :

None

Family: General

Nessus Plugin ID: 17841 ()

Bugtraq ID: 4314

CVE ID: CVE-2002-0510