Vulnerability Description
Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Packeteer | Packetshaper | 7.3.0g2 |
References
- http://osvdb.org/36226
- http://secunia.com/advisories/25344
- http://securityreason.com/securityalert/2726
- http://www.securityfocus.com/archive/1/468972/100/0/threaded
- http://www.securityfocus.com/bid/24048
- http://www.vupen.com/english/advisories/2007/1891
- http://osvdb.org/36226
- http://secunia.com/advisories/25344
- http://securityreason.com/securityalert/2726
- http://www.securityfocus.com/archive/1/468972/100/0/threaded
- http://www.securityfocus.com/bid/24048
- http://www.vupen.com/english/advisories/2007/1891
FAQ
What is CVE-2007-2782?
CVE-2007-2782 is a vulnerability with a CVSS score of 7.5 (HIGH). Packeteer PacketShaper uses fixed increments in TCP initial sequence number (ISN) values, which allows remote attackers to predict the ISN value, and perform session hijacking or disruption.
How severe is CVE-2007-2782?
CVE-2007-2782 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2782?
Check the references section above for vendor advisories and patch information. Affected products include: Packeteer Packetshaper.