Vulnerability Description
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
CVSS Score
MEDIUM
References
- ftp://patches.sgi.com/support/free/security/advisories/20030201-01-P
- http://secunia.com/advisories/8044
- http://securityreason.com/securityalert/57
- http://www.cert.org/advisories/CA-2001-09.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/2682
- http://www.securitytracker.com/id/1033181
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://support.f5.com/csp/article/K19063943?utm_source=f5support&%3Butm_medi
- ftp://patches.sgi.com/support/free/security/advisories/20030201-01-P
- http://secunia.com/advisories/8044
- http://securityreason.com/securityalert/57
- http://www.cert.org/advisories/CA-2001-09.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/2682
- http://www.securitytracker.com/id/1033181
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2001-0328?
CVE-2001-0328 is a vulnerability with a CVSS score of 5.0 (MEDIUM). TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ...
How severe is CVE-2001-0328?
CVE-2001-0328 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0328?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.