I just upgraded my system from Linux 2.4.18 to 2.4.19 and noticed that
the nessus scan produced the following security hole. Reverting to the
2.4.18 kernel removed this message. Does anyone have an opinion on
whether this a valid concern or a false positive?
Thanks in advance for any suggestions.
Dave.
. Vulnerability found on port general/tcp :
The remote host seems to generate Initial Sequence Numbers
(ISN) in a weak maner which seems to solely depend
on the source and dest port of the TCP packets.
The Raptor Firewall is known to be vulnerable to this flaw,
as may others be.
An attacker may use this flaw to establish spoofed connections
to the remote host.
Solution : If you are using a Raptor Firewall, see
http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html
or else contact your vendor for a patch
Risk factor : High
-
[EMAIL PROTECTED]: general discussions about Nessus.
* To unsubscribe, send a mail to [EMAIL PROTECTED] with
"unsubscribe nessus" in the body.
