VULHUB ™

Symantec produces a range of hardware and software firewall products. A number of these products have been reported to have a vulnerability related to the creation of TCP Initial Sequence Numbers (ISNs). Reportedly, vulnerable products will reuse ISN values for connections with the same source and destination IP and port, over a limited time period. An attacker able to gain knowledge of this ISN may spoof new connections from the specified IP address, or inject data into legitimate connections.

Symantec produces a range of hardware and software firewall products. A number of these products have been reported to have a vulnerability related to the creation of TCP Initial Sequence Numbers (ISNs). Reportedly, vulnerable products will reuse ISN values for connections with the same source and destination IP and port, over a limited time period. An attacker able to gain knowledge of this ISN may spoof new connections from the specified IP address, or inject data into legitimate connections.