Cisco IOS TCP Sequence Predictability

A vulnerability exists in Cisco’s IOS that allows for initial TCP sequence prediction. This vulnerability affects only TCP connections that start from or end at the affected IOS device.

Ken Pfeil

February 28, 2001


Reported March 1, 2001, by Cisco Systems.

VERSIONS AFFECTED

All Cisco products using the Internetwork Operating System (IOS), including (but not limited to):

  • 800, 1000, 1005, 1400, 1600, 1700, 2500, 2600, 3600, MC3810, 4000, 4500, 4700, 6200, 6400 NRP, and 6400 NSP series Cisco routers

  • ubr900 and ubr920 universal broadband routers

  • Catalyst 2900 ATM, 2900XL, 2948g, 3500XL, 4232, 4840g, and 5000 RSFC series switches

  • 5200, 5300, and 5800 series access servers

  • Catalyst 6000 MSM, 6000 Hybrid Mode, 6000 Native Mode, 6000 Supervisor Module, and Catalyst ATM Blade

  • RSM, 7000, 7010, 7100, 7200, ubr7200, 7500, 10000 ESR, and 12000 GSR series Cisco routers

  • DistributedDirector

  • Catalyst 8510CSR, 8510MSR, 8540CSR, and 8540MSR series switches

DESCRIPTION

A vulnerability exists in Cisco’s IOS that allows for initial TCP sequence prediction. This vulnerability affects only TCP connections that start from or end at the affected IOS device. Using TCP sequence predictability, an attacker can potentially inject data packets by using forged source IP addresses, causing potential man-in-the-middle attacks. Under some circumstances, if an attacker knows the SNMP community read-write strings, he can configure devices remotely without authorization.
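The following is an added example, not part of the advisory, showing how an administrator can audit a device for the condition described above: given a handful of initial sequence numbers observed from successive connections, it measures whether the increments are nearly constant (a guessable generator) or widely spread. The samples and the spread threshold are constructed for illustration.

```python
"""Audit TCP initial sequence number (ISN) predictability from observed
samples. Added example; not code from the advisory or from Cisco."""
from statistics import pstdev

MOD = 2 ** 32  # ISNs are 32-bit values and wrap around


def isn_deltas(isns):
    """Differences between consecutive ISNs, taken modulo 2^32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def assess_isn(isns, spread_threshold=1000.0):
    """Return a small report on a list of observed ISNs.

    'spread' is the population standard deviation of the increments; a
    near-zero spread means each new ISN is a fixed step from the last one,
    which is the predictable behaviour the advisory warns about.
    'next_guess' is what a simple linear-increment model would predict,
    useful for confirming the finding against one more observed connection.
    The threshold is an assumption chosen for illustration only.
    """
    if len(isns) < 3:
        raise ValueError("need at least three ISN samples")
    deltas = isn_deltas(isns)
    spread = pstdev(deltas)
    mean_step = round(sum(deltas) / len(deltas))
    return {
        "deltas": deltas,
        "spread": spread,
        "predictable": spread < spread_threshold,
        "next_guess": (isns[-1] + mean_step) % MOD,
    }


# Constructed samples: a fixed-increment generator versus values shaped
# like the output of a randomized generator.
PREDICTABLE_SAMPLE = [(1000 + 64000 * i) % MOD for i in range(6)]
RANDOM_SAMPLE = [0x1F3A9C2B, 0xA77E0154, 0x3C90D1E8,
                 0xF12B4407, 0x5E6D9A30, 0x8BC01F7D]

if __name__ == "__main__":
    for name, sample in (("fixed-step", PREDICTABLE_SAMPLE),
                         ("randomized", RANDOM_SAMPLE)):
        report = assess_isn(sample)
        print(f"{name}: spread={report['spread']:.1f} "
              f"predictable={report['predictable']}")
```

A device whose samples land in the "predictable" case should be scheduled for the fixed IOS release referenced in Cisco's notice.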

VENDOR RESPONSE

Cisco has issued a notice regarding this vulnerability.

CREDIT

Discovered by Cisco Systems.
