漏洞信息详情

Foundry Networks ServerIron TCP/IP序列可预测漏洞

• CNNVD编号：CNNVD-200002-079
• 危害等级： 高危
  
• CVE编号： CVE-2000-0178
• 漏洞类型： 设计错误
• 发布时间： 2000-02-28
• 威胁类型： 远程
• 更新时间： 2006-08-24
• 厂        商： foundrynet
• 漏洞来源： on February 28, 2000.');">This vulnerability...

漏洞简介

Foundry Networks的ServerIron交换机具有可预测的TCP / IP序列号。远程攻击者借助此漏洞可以哄骗或劫持会话。

漏洞公告

Foundry has issued a response to the vulnerabilities descibed. That document is available at: http://www.foundrynet.com/bugTraq.HTML A firmware upgrade, 6.0.03 has been issued which remedies some of the problems presented, as well as adding the ability to run sshd on the machine. A short term solution may be to add ACL's to prevent any machine, except for a trusted one, to connect to the switch. Another possible solution is to disable all services on the switch, and only administer it from its serial console.

参考网址

来源: www.foundrynet.com 链接:http://www.foundrynet.com/bugTraq.HTML 来源: BID 名称: 1017 链接:http://www.securityfocus.com/bid/1017

受影响实体

• Foundrynet Serveriron:5.1.10t12  
• Foundrynet Serveriron:6.0  

补丁

暂无