Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure

medium Nessus Plugin ID 17841


The remote operating system can be identified based on its UDP implementation.


The remote host appears to be run a version of the Linux kernel that sends UDP responses in which the IP identification field is constant and equal to zero (0).

With this information, an attacker could mount further, more targeted attacks against this host.

Note that RedHat does not consider this a security issue as there are many ways to identify or fingerprint a Linux host.

See Also

Plugin Details

Severity: Medium

ID: 17841

File Name: linux24_udp_id0.nasl

Version: 1.12

Type: remote

Family: General

Published: 1/20/2012

Updated: 10/7/2019

Risk Information


Risk Factor: Low

Score: 1.4


Risk Factor: Medium

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2002-0510


Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/o:linux:kernel

Required KB Items: Settings/PCI_DSS

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2002-0510

BID: 4314