Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Advisory Update: ServerIron TCP/IP predictability fixed
From: vision () WHITEHATS COM (Max Vision)
Date: Thu, 16 Mar 2000 19:18:23 -0800

On Tue, 14 Mar 2000, H D Moore wrote:
BeOS 4.0 also has a shoddy tcp/ip stack which increases the ISS by 1 per
connection.   This may been fixed by now, I haven't tested it in over a

I ran across a few systems like this in an audit last year.  As of the
current BeOS release (R4.5.2), the sequence number vulnerability still


Poor ISN generation is an outstanding issue for BeOS.

Max Vision

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]