|
Family: Firewalls --> Category: infos
Remote host replies to SYN+FIN Vulnerability Scan
Vulnerability Scan Summary Sends a SYN+FIN packet and expects a SYN+ACK
Detailed Explanation for this Vulnerability Test
Synopsis :
It may be possible to bypass firewall rules
Description :
The remote host does not discard TCP SYN packets which have
the FIN flag set.
Depending on the kind of firewall you are using, a possible hacker
may use this flaw to bypass its rules.
See also :
http://archives.neohapsis.com/archives/bugtraq/2002-10/0266.html
http://www.kb.cert.org/vuls/id/464113
Solution :
Contact your vendor for a patch
Threat Level:
None / CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|