Linux Kernel UDP Implementation IP Identification Field Remote OS Disclosure

medium Nessus Plugin ID 17841

Synopsis

The remote operating system can be identified based on its UDP implementation.

Description

The remote host appears to be run a version of the Linux kernel that sends UDP responses in which the IP identification field is constant and equal to zero (0).

With this information, an attacker could mount further, more targeted attacks against this host.

Note that RedHat does not consider this a security issue as there are many ways to identify or fingerprint a Linux host.

See Also

https://seclists.org/bugtraq/2002/Mar/289

https://access.redhat.com/security/cve/cve-2002-0510

Plugin Details

Severity: Medium

ID: 17841

File Name: linux24_udp_id0.nasl

Version: 1.12

Type: remote

Family: General

Published: 1/20/2012

Updated: 10/7/2019

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2002-0510

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/o:linux:kernel

Required KB Items: Settings/PCI_DSS

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2002-0510

BID: 4314