This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
It may be possible to predict TCP/IP Initial Sequence Numbers for the
The Linux kernel is prone to a security weakness related to TCP
sequence number generation. Attackers can exploit this issue to inject
arbitrary packets into TCP sessions using a brute-force attack.
An attacker may use this vulnerability to create a denial of service
condition or a man-in-the-middle attack.
Note that this plugin may fire as a result of a network device (such
as a load balancer, VPN, IPS, transparent proxy, etc.) that is
vulnerable and that re-writes TCP sequence numbers, rather than the
host itself being vulnerable.
See also :
Contact the OS vendor for a Linux kernel update / patch.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true
Nessus Plugin ID: 56283 ()
Bugtraq ID: 49289
CVE ID: CVE-2011-3188
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.