[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Two kernel security questions

Hello List,

I have been asked to respond to the following two potential security 
problems for my Debian (woody) servers and I am looking for solid 
reference material.  I am running a custom 2.4.18 kernel.

For this seqport problem I have not been able to find any data as to my 
systems vunerability.  I am sure that I do not have a problem, but I 
need to answer with published details.
Name: CVE-1999-0074
Reference: XF:seqport

Listening TCP ports are sequentially allocated, allowing spoofing

For the tcp-seq-predict problem I have found-
which seem to indicate that the problem was fixed in or about the 
2.2.13 kernel time period.  Is this really the case?
Name: CVE-1999-0077
Reference: XF:tcp-seq-predict

Predictable TCP sequence numbers allow spoofing.

Thanks for any help,


Reply to: