Re: [Openvas-plugins] secpod_tcp_sequence_approx_dos_vuln : id 902815

Wed, 27 Jun 2012 14:25:52 -0700 

i am still fighting with this bug,
the sql base does not store the missing value (cvss and risk factor) :-( 


INSERT INTO "nvts" 
VALUES(14526,'1.3.6.1.4.1.25623.1.0.902815','$Revision: 12953 $','TCP 
Sequence Number Approximation Reset Denial of Service 
Vulnerability','Determine TCP Sequence Number Approximation 
Vulnerability','
  Overview: The host is running TCP services and is prone to denial of 
service

  vulnerability.

  Vulnerability Insight:

  The flaw is triggered when spoofed TCP Reset packets are received by 
the
  targeted TCP stack and will result in loss of availability for the 
attacked

  TCP services.

  Impact:

  Successful exploitation will allow remote attackers to guess sequence 
numbers
  and cause a denial of service to persistent TCP connections by 
repeatedly

  injecting a TCP RST packet.

  Impact Level: System

  Affected Software/OS:
  TCP


  Fix: Please see the referenced advisories for more information on 
obtaining

  and applying fixes.

  References:
  http://www.osvdb.org/4030
  http://xforce.iss.net/xforce/xfdb/15886
  http://www.us-cert.gov/cas/techalerts/TA04-111A.html
  http://www-01.ibm.com/support/docview.wss?uid=isg1IY55949
  http://www-01.ibm.com/support/docview.wss?uid=isg1IY55950
  http://www-01.ibm.com/support/docview.wss?uid=isg1IY62006
  http://www.microsoft.com/technet/security/Bulletin/MS05-019.mspx
  http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx

  
http://www.cisco.com/en/US/products/csa/cisco-sa-20040420-tcp-nonios.html
  
http://www.cisco.com/en/US/products/csa/cisco-sa-20040420-tcp-nonios.html','Copyright 
(C) 2012 
SecPod','CVE-2004-0230','10183','NOXREF','NOTAG','48479FF648DB4530',3,'Denial 
of Service','','');




can someone tell me when(and where) the storage is done ? for me to 
check why the cvss, and risk factor dissapear between plugin_nasl 
script_tag and sqlite3 storage ???



Le 01/06/2012 11:10, Sebastien Aucouturier a écrit :

Hi Team,
can you check this plugin : secpod_tcp_sequence_approx_dos_vuln :
plugin-id 902815 - revision 12953

the 'vuln report for this plugin'  like  'omp get_nvts command with
fulldetail'  does not show cvss and risk factor value,

but looking at the nasl script, they are in ? what's up ?


--
    | Sébastien AUCOUTURIER | Software Design Engineer Lead
    | ITrust | 55 rue l'Occitane BP 67303 31673 LABEGE CEDEX
    | Email: [email protected]
    | Fixe Sdt. 05.67.34.67.80 | Fax. 09.80.08.37.23
    | IT Security Services & SaaS Editor
_______________________________________________
Openvas-plugins mailing list
[email protected]
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins





















					Reply via email to