Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2006-1242

Disclosure Date: March 15, 2006
CVE-2006-1242
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

References

Canonical
CVE-2006-1242 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1242)
BID-17109 (http://www.securityfocus.com/bid/17109)
Advisory
http://www.redhat.com/support/errata/RHSA-2006-0437.html
ADV-2006-2554 (http://www.vupen.com/english/advisories/2006/2554)
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.1
20060315 Re: Linux zero IP ID vulnerability? (http://www.securityfocus.com/archive/1/427753/100/0/threaded)
USN-281-1 (https://usn.ubuntu.com/281-1)
SECUNIA-21136 (http://secunia.com/advisories/21136)
SECUNIA-19402 (http://secunia.com/advisories/19402)
20060316 Re: Linux zero IP ID vulnerability? (http://www.securityfocus.com/archive/1/427893/100/0/threaded)
SECUNIA-21983 (http://secunia.com/advisories/21983)
DSA-1097 (http://www.debian.org/security/2006/dsa-1097)
http://www.redhat.com/support/errata/RHSA-2006-0575.html
20060314 Linux zero IP ID vulnerability? (http://www.securityfocus.com/archive/1/427622/100/0/threaded)
http://www.novell.com/linux/security/advisories/2006-05-31.html
SECUNIA-19955 (http://secunia.com/advisories/19955)
20060323 Re: Linux zero IP ID vulnerability? (http://www.securityfocus.com/archive/1/428605/30/6210/threaded)
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
DSA-1103 (http://www.debian.org/security/2006/dsa-1103)
SECUNIA-21465 (http://secunia.com/advisories/21465)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10317
ADV-2006-1140 (http://www.vupen.com/english/advisories/2006/1140)
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
SECUNIA-20398 (http://secunia.com/advisories/20398)
SECUNIA-22417 (http://secunia.com/advisories/22417)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:086
SECUNIA-20671 (http://secunia.com/advisories/20671)
SECUNIA-20157 (http://secunia.com/advisories/20157)
SECUNIA-20914 (http://secunia.com/advisories/20914)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis