    Version 2.2 - CVE-2002-1463

    • M
      Mike_OF last edited by

      Hi All,

      Had to upgrade my "No known issues" 2.1.5 to 2.2 because the EOL 8.x FreeBSD base was causing us to now fail PCI scans. This issue has been replaced with a failure due to CVE-2002-1463 - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1463.

      "Description: TCP/IP Initial Sequence Number (ISN) Reuse Weakness

      Synopsis: The remote device seems to generate predictable TCP Initial Sequence Numbers.

      Impact: The remote host seems to generate Initial Sequence Numbers (ISN) in a weak manner which seems to solely depend on the source and dest port of the TCP packets.

      An attacker may exploit this flaw to establish spoofed connections to the remote host."

      Is there any known fix available for this?

      • K
        kejianshi last edited by

        Didn't see pfSense or BSD in the list:

        Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.

        • M
          Mike_OF last edited by

          Looks like the scanner is now detecting the OS as OpenBSD 4.0 so may be just assuming that it's vulnerable. Which is a bit ####.

          I've now tested it with Nmap and am getting a difficulty > 250, so the scanner really looks to be wrong.

          I'll query it with the testing company and come back if they have any evidence of vulnerability to back up their fail stamp. In the meantime, apologies for the noise.

          • K
            kejianshi last edited by

            Cool - I'm not the expert of all here, by far.
            However, I didn't see that there was a recent CVE related to the strength of the randomness of TCP Initial Sequence Numbers for FreeBSD 10.1 or pfSense.

            So yeah - I was wondering if there wasn't a mistake.

            • jimp
              jimp Rebel Alliance Developer Netgate last edited by

              If you have port forwards or some other traffic forwarded to something else that is vulnerable, it could be flagging that and not the firewall itself.

              • C
                cdburgess75 last edited by

                I got that too, but only after installing haproxy.

                • C
                  cmb last edited by

                  @Mike_OF:

                  Looks like the scanner is now detecting the OS as OpenBSD 4.0 so may be just assuming that it's vulnerable. Which is a bit ####.

                  Yes, that's why. False positive, as OS identification isn't very accurate when you don't have any closed ports that reply. It is indeed a bit "####".  :)

                  • W
                    walbog last edited by

                    Yes, that's why. False positive, as OS identification isn't very accurate when you don't have any closed ports that reply.

                    From the description of the original poster Mike_OF, I'm almost certain it's a Nessus message... that's why... ;)

                    • C
                      cmb last edited by

                      @walbog:

                      From the description of the original poster Mike_OF, I'm almost certain it's a Nessus message... that's why... ;)

                      Well, that too. ;) Yeah it is Nessus. Not that any other vulnerability scanner is better in that regard, they all seem to report their fair share of absurdity.
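
Added example, not part of the thread and not Nessus or Nmap code: one way to check the two claims in the scanner finding (predictable ISNs, and ISNs that depend only on the source and destination port) against ISNs sampled from a host's SYN/ACK replies. The sample data is constructed and the function names are hypothetical; the score follows the published idea behind Nmap's difficulty index (8 times log2 of the standard deviation of consecutive ISN differences) but is not Nmap's exact computation, so its values are not comparable with Nmap's output.

```python
import hashlib
import math
import statistics
from collections import defaultdict
from functools import reduce

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap

def difficulty(isns):
    """Score ISN variability: 8*log2(stddev of consecutive differences)."""
    if len(isns) < 3:
        raise ValueError("need at least three ISN samples")
    diffs = []
    for a, b in zip(isns, isns[1:]):
        d = (b - a) % MOD
        diffs.append(min(d, MOD - d))      # shortest distance across the wrap
    g = reduce(math.gcd, diffs)
    if g > 9:                              # fixed-step counters collapse to small values
        diffs = [d // g for d in diffs]
    sd = statistics.pstdev(diffs)
    return 0 if sd <= 1 else round(8 * math.log2(sd))

def port_only(samples):
    """True if every reused (sport, dport) pair always received the same ISN."""
    by_pair = defaultdict(list)
    for sport, dport, isn in samples:
        by_pair[(sport, dport)].append(isn)
    reused = [v for v in by_pair.values() if len(v) > 1]
    return bool(reused) and all(len(set(v)) == 1 for v in reused)

# Constructed ISN generators standing in for two hosts (not real captures).
def weak_isn(sport, dport, n):
    return ((sport << 16) | dport) % MOD   # function of the ports alone

def strong_isn(sport, dport, n):
    digest = hashlib.sha256(f"{sport}:{dport}:{n}".encode()).digest()
    return int.from_bytes(digest[:4], "big")  # changes on every connection

def collect(gen, dport=443):
    """32 simulated handshakes; each of 8 source ports is reused 4 times."""
    return [(40000 + n % 8, dport, gen(40000 + n % 8, dport, n)) for n in range(32)]

if __name__ == "__main__":
    for name, gen in (("weak", weak_isn), ("strong", strong_isn)):
        samples = collect(gen)
        print(name, difficulty([s[2] for s in samples]), port_only(samples))
```

A host that scores high and returns a different ISN each time a port pair is reused does not match the finding's description, which supports treating the result as a false positive from OS identification.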
