Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-3188

Опубликовано: 07 авг. 2011
Источник: redhat
CVSS2: 5.8
EPSS Низкий

Описание

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Отчет

This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. It has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelWill not fix
Red Hat Enterprise Linux 5kernelFixedRHSA-2011:138620.10.2011
Red Hat Enterprise Linux 5.6 EUS - Server OnlykernelFixedRHSA-2011:141901.11.2011
Red Hat Enterprise Linux 6kernelFixedRHSA-2011:146522.11.2011
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2012:001010.01.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=732658kernel: net: improve sequence number generation

EPSS

Процентиль: 84%
0.023
Низкий

5.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-3188

CVSS3: 9.1
ubuntu
больше 13 лет назад

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

nvd логотип

CVE-2011-3188

CVSS3: 9.1
nvd
больше 13 лет назад

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

debian логотип

CVE-2011-3188

CVSS3: 9.1
debian
больше 13 лет назад

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3 ...

github логотип

GHSA-93rr-wh56-p8fw

CVSS3: 9.1
github
больше 3 лет назад

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

fstec логотип

BDU:2015-04359

fstec
около 14 лет назад

Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить доступность защищаемой информации

EPSS

Процентиль: 84%
0.023
Низкий

5.8 Medium

CVSS2