IT Pro Today is part of the Informa Tech Division of Informa PLC

INFORMA PLC|ABOUT US|INVESTOR RELATIONS|TALENT

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Documents Online Events Advertise About

Newsletter Sign-Up

Cloud

Recent in Cloud

SEE ALL Cloud

Broadcom CEO Hock Tan giving the VMware Explore 2024 Barcelona keynote

VMWare

Broadcom Advances Private Cloud Vision at VMware Explore 2024 Barcelona Broadcom Advances Private Cloud Vision at VMware Explore 2024 Barcelona

bySean Michael Kerner

Nov 6, 2024

4 Min Read

the word "CLOUD" written on blocks

Cloud Computing

Predictions 2025: Clouds Shift From Riches to RAGs Predictions 2025: Clouds Shift From Riches to RAGs

byForrester Blog Network

Oct 24, 2024

3 Min Read

Recent in OS

See All OS

Windows 11 logo on laptop screen

Microsoft Windows

Exploring eBPF for Windows: Opportunities and Limitations Exploring eBPF for Windows: Opportunities and Limitations

byChristopher Tozzi

Nov 4, 2024

4 Min Read

empty cockpit of autonomous car

Operating Systems

What Is a Real-Time Operating System, and Who Needs One?What Is a Real-Time Operating System, and Who Needs One?

byChristopher Tozzi

Mar 5, 2024

6 Min Read

IT Mgmt

Recent in IT Mgmt

See All IT Mgmt

2 people shaking hands in the cloud

IT Management

A Trusted Tech Partner Can Help Cities, Counties Achieve Digital Vision A Trusted Tech Partner Can Help Cities, Counties Achieve Digital Vision

byMichael Keating, American City & County

Nov 8, 2024

1 Min Read

software developer working on computer

DevOps

How to Maximize DevOps Efficiency with Platform Engineering How to Maximize DevOps Efficiency with Platform Engineering

byChristopher Tozzi

Nov 8, 2024

5 Min Read

Career

Recent in Career

See All Career Mgmt

AI concept art

IT Management

The Rise of the CAIO: How AI Is Transforming the Role of the CIO The Rise of the CAIO: How AI Is Transforming the Role of the CIO

byIndustry Perspectives

Oct 30, 2024

4 Min Read

person opening an envelope containing a pink slip

IT Security

Tech Layoffs and Cybersecurity: Why Downsizing Puts Companies at Greater Threat Tech Layoffs and Cybersecurity: Why Downsizing Puts Companies at Greater Threat

byChristopher Tozzi

Oct 29, 2024

4 Min Read

Storage

Recent in Storage

See All Data Storage

A silver and gray cloud data protection icon showing a cloud with a lock inside of it.

Data Backup

Data Protection Is Critical in the Multi-Cloud Data Protection Is Critical in the Multi-Cloud

byBrandon Taylor

Oct 31, 2024

5 Min View

mainframe

IT Infrastructure

Mainframe Technology Is Far From Obsolete Mainframe Technology Is Far From Obsolete

byIndustry Perspectives

Oct 24, 2024

4 Min Read

Security

Recent in Security

See All IT Security

Capitol building

Regulatory Compliance

What a GOP Sweep of Congress Would Mean for Tech Policy What a GOP Sweep of Congress Would Mean for Tech Policy

byThe Washington Post

Nov 8, 2024

4 Min Read

above hands typing on a keyboard there is an alert icon surrounded by binary code

Vulnerabilities & Threats

Cybersecurity Developments & Priorities: November 2024 Cybersecurity Developments & Priorities: November 2024

byITPro Today Staff

Nov 5, 2024

4 Min Read

Dev

Recent in Dev

See All Software Dev

software developer working on computer

DevOps

How to Maximize DevOps Efficiency with Platform Engineering How to Maximize DevOps Efficiency with Platform Engineering

byChristopher Tozzi

Nov 8, 2024

5 Min Read

DevOps logo on top of code

DevOps

DevOps: Key to Faster, More Efficient Government Software Development DevOps: Key to Faster, More Efficient Government Software Development

byChristopher Tozzi

Nov 6, 2024

4 Min Read

Recent in DX

See All Digital Transformation

data going into and out of a cloud

Hybrid Cloud

Navigating the Challenges of Hybrid IT Environments in the Age of Cloud Repatriation Navigating the Challenges of Hybrid IT Environments in the Age of Cloud Repatriation

byIndustry Perspectives

Oct 11, 2024

5 Min Read

ITPro Today's 2024 IT Priorities Report cover

Career Management

ITPro Today’s 2024 IT Priorities Report ITPro Today’s 2024 IT Priorities Report

byChristopher Tozzi

Sep 25, 2024

1 Min Read

Infrastructure

Recent in Infrastructure

See All Infrastructure

mainframe

IT Infrastructure

Mainframe Technology Is Far From Obsolete Mainframe Technology Is Far From Obsolete

byIndustry Perspectives

Oct 24, 2024

4 Min Read

person holding a certification stamp

IT Infrastructure

Today's Most Valuable Network Certifications for IT Professionals Today's Most Valuable Network Certifications for IT Professionals

byJohn Edwards, Network Computing

Oct 18, 2024

1 Min Read

Newsletters
How To…?
Industry Perspectives
Business Resources
Reports/Research
Online Events

Live Events
Videos
White Papers
Advertise With Us
About Us

Resource Library

Cisco Cloud
Cloud Computing
Private Cloud

Cisco IOS TCP Sequence Predictability

A vulnerability exists in Cisco’s IOS that allows for initial TCP sequence prediction. This vulnerability affects only TCP connections that start from or end at the affected IOS device.

Ken Pfeil

February 28, 2001

1 Min Read

ReportedMarch 1, 2001, by Cisco Systems.

VERSIONS AFFECTED

AllCisco products using the Internetwork Operating System (IOS), including (but notlimited to):

800, 1000, 1005, 1400, 1600, 1700, 2500, 2600, 3600, MC3810, 4000, 4500, 4700, 6200, 6400 NRP, and 6400 NSP series Cisco routers
ubr900 and ubr920 universal broadband routers
Catalyst 2900 ATM, 2900XL, 2948g, 3500XL, 4232, 4840g, and 5000 RSFC series switches
5200, 5300, and 5800 series access servers
Catalyst 6000 MSM, 6000 Hybrid Mode, 6000 Native Mode, 6000 Supervisor Module, and Catalyst ATM Blade
RSM, 7000, 7010, 7100, 7200, ubr7200, 7500, 10000 ESR, and 12000 GSR series Cisco routers
DistributedDirector
Catalyst 8510CSR, 8510MSR, 8540CSR, and 8540MSR series switches

DESCRIPTION

A vulnerability exists in Cisco’s IOS that allowsfor initial TCP sequence prediction. This vulnerability affects only TCPconnections that start from or end at the affected IOS device. Using TCPsequence predictability, an attacker can potentially inject data packets byusing forged source IP addresses, causing potential man-in-the-middle attacks.Under some circumstances, if an attacker knows the SNMP community read-writestrings, he can configure devices remotely without authorization.

VENDOR RESPONSE

Cisco has issueda noticeregarding this vulnerability.

CREDIT
Discovered byCisco Systems.

About the Author

Ken Pfeil

See more from Ken Pfeil

Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

Newsletter Sign-Up

Editor's Choice

the interface of the PowerShell search tool with a hand holding a magnifying glass on a background of a blue sky and clouds in the shape of gears

PowerShell

How I Built My Own PowerShell Multi-File Search Tool

Oct 22, 2024

burnout gif featuring a mannequin surrounded by office technology on fire

Career Tips

Am I Burned Out? How To Identify and Address Burnout in IT

Oct 24, 2024

MLOps

Ops and More

Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?

Oct 23, 2024

Exclusive ITPro Resources

BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster Recovery
Oct 10, 2024
|
1 Min Read
ITPro Today’s 2024 IT Priorities Report
Sep 25, 2024
|
1 Min Read
Tech Careers: Quick Reference Guide to IT Job Titles
Sep 13, 2024
|
1 Min Read
Migrating From VMware: Guide to a Successful Transition
Sep 3, 2024
|
1 Min Read