Category:   OS (Other) > VxWorks
Vendors:   Intel, Wind River
VxWorks Predictable TCP Sequence Number Generation Lets Remote Users Deny Service or Spoof Connections
SecurityTracker Alert ID:  1033181
SecurityTracker URL:  http://securitytracker.com/id/1033181
CVE Reference:   CVE-2001-0328, CVE-2015-3963
Date:  Aug 5 2015
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 6.6 and prior versions (except 5.5.1 with PNE2.2 and 6.0 - 6.4), 6.7.x prior to 6.7.1.1, 6.8 prior to 6.8.3, 6.9 prior to 6.9.4.4, 7.x prior to February 13, 2015
Description:   A vulnerability was reported in VxWorks. A remote user can cause denial of service conditions on the target system. A remote user can spoof TCP connections.

The system generates predictable TCP initial sequence numbers (ISNs). A remote user may be able to predict future initial sequence numbers from previously generated values and use them to disrupt or spoof TCP connections.
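
A defender-side check for the behaviour described above, as an added example that is not part of the original advisory or of any vendor code: it rates ISNs observed from a device under test by the differences between consecutive values. The function names, thresholds and sample values are assumptions constructed for illustration.

```python
MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

# Constructed samples (not captured from any real device). Real samples would
# be the ISNs in SYN-ACKs answered to connections with differing source ports.
FIXED_STEP = [(4294900000 + i * 64000) % MOD for i in range(8)]  # wraps past 2**32
JITTERED = [1000, 65010, 130210, 195209, 261210, 325710, 391460, 455583]
UNRELATED = [0x9E3779B9, 0x243F6A88, 0xB7E15162, 0x3C6EF372,
             0xE7037ED1, 0x510E527F, 0x1F83D9AB, 0x5BE0CD19]


def isn_deltas(isns):
    """Differences between consecutive ISNs, modulo 2**32 to survive wraparound."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def assess_isns(isns, min_samples=8, window_bits=24):
    """Rate a series of observed ISNs, oldest first.

    min_samples and window_bits are thresholds assumed for this example,
    not values taken from the advisory.
    """
    if len(isns) < min_samples:
        raise ValueError(f"need at least {min_samples} samples, got {len(isns)}")
    deltas = isn_deltas(isns)
    distinct = len(set(deltas))
    spread = max(deltas) - min(deltas)
    if distinct == 1:
        verdict = "constant-increment"  # every step is identical
    elif spread < 2 ** window_bits:
        verdict = "narrow-range"        # steps stay inside a small window
    else:
        verdict = "no-pattern-found"    # no simple pattern; not proof of strength
    return {"verdict": verdict, "distinct_deltas": distinct, "delta_spread": spread}


if __name__ == "__main__":
    for name, sample in (("fixed step", FIXED_STEP), ("jittered", JITTERED),
                         ("unrelated", UNRELATED)):
        print(name, assess_isns(sample))
```

Sample across differing source ports: a stack that follows RFC 6528 derives the ISN from a clock plus a keyed hash of the connection 4-tuple, so repeated connections on one 4-tuple show clock-driven increments by design.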

The original advisory is available at:

https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01

Steve Bellovin of AT&T Labs, Tim Newsham of Guardent, Inc., BindView, and Niels Provos reported this vulnerability as it applies to many TCP implementations in general. Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech (via a research project partially sponsored by the Georgia Tech National Electric Energy Testing Research and Applications Center) reported this vulnerability as it applies specifically to the Wind River VxWorks TCP implementation.

Impact:   A remote user can tear down or disrupt TCP connections.

A remote user can spoof TCP connections.

Solution:   The vendor has issued a fix (6.7.1.1, 6.8.3, 6.9.4.4, 7.x on February 13, 2015).
Vendor URL:  www.windriver.com/
Cause:   Randomization error

Message History:   None.
