VULHUB ™

HERT Advisory #3 - The way FreeBSD handles random sequence number incrementing is weak. With 3 consecutive random increments captured from the responses of 4 SYN packets sent to the target, an attacker can rebuild the random state of the remote machine, and predict the next sequence number. Includes proof of concept code.

HERT Advisory #3 - The way FreeBSD handles random sequence number incrementing is weak. With 3 consecutive random increments captured from the responses of 4 SYN packets sent to the target, an attacker can rebuild the random state of the remote machine, and predict the next sequence number. Includes proof of concept code.