NetScreen ScreenOS可预测初始化TCP序列号漏洞发布时间:2002-11-25 更新时间:2002-11-25 严重程度:中 威胁程度:其它 错误类型:设计错误 利用方式:服务器模式 BUGTRAQ ID:6249 受影响系统 NetScreen ScreenOS 3.1.0详细描述 NetScreen报告由ScreenOS生成的TCP序列号可预测,这可以导致使攻击者插入包或者对目标网络会话进行中间人攻击。 利用这个漏洞攻击者必须能访问网络会话通信,即一般需要访问内部网络。 测试代码 尚无 解决方案 升级ScreenOS版本: NetScreen ScreenOS 3.1.0: NetScreen Upgrade ScreenOS 4.0.1 http://www.netscreen.com/support/updates.asp NetScreen ScreenOS 3.0.0: NetScreen Upgrade ScreenOS 4.0.1 http://www.netscreen.com/support/updates.asp NetScreen ScreenOS 1.7: NetScreen Upgrade ScreenOS 4.0.1 http://www.netscreen.com/support/updates.asp NetScreen ScreenOS 2.6: NetScreen Upgrade ScreenOS 4.0.1 http://www.netscreen.com/support/updates.asp NetScreen ScreenOS 2.8: NetScreen Upgrade ScreenOS 4.0.1 http://www.netscreen.com/support/updates.asp NetScreen ScreenOS 4.0: NetScreen Upgrade ScreenOS 4.0.1 http://www.netscreen.com/support/updates.asp 相关信息 Netscreen Security Alert 参考:http://www.netscreen.com/support/alerts/Predictable_TCP_Initial_Sequence_Numbers.html 相关主页:http://www.netscreen.com/index.html |
