Vulnerability-Lookup

CVE-2011-3188 (GCVE-0-2011-3188)

Vulnerability from cvelistv5 – Published: 2012-05-24 23:00 – Updated: 2024-08-06 23:22

Summary

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

FKIE_CVE-2011-3188

Vulnerability from fkie_nvd - Published: 2012-05-24 23:55 - Updated: 2025-04-11 00:51

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Summary

References

URL	Tags
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
secalert@redhat.com	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
secalert@redhat.com	http://marc.info/?l=bugtraq&m=139447903326211&w=2	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1	Mailing List, Patch, Vendor Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/08/23/2	Mailing List, Patch, Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=732658	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec	Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f	Patch, Third Party Advisory
secalert@redhat.com	https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=139447903326211&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1	Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/08/23/2	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=732658	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
redhat	enterprise_linux	4.0
f5	arx	*
f5	big-ip_access_policy_manager	*
f5	big-ip_access_policy_manager	*
f5	big-ip_analytics	*
f5	big-ip_application_security_manager	*
f5	big-ip_application_security_manager	*
f5	big-ip_edge_gateway	*
f5	big-ip_edge_gateway	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_global_traffic_manager	*
f5	big-ip_link_controller	*
f5	big-ip_link_controller	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_local_traffic_manager	*
f5	big-ip_protocol_security_module	*
f5	big-ip_protocol_security_module	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_wan_optimization_manager	*
f5	big-ip_webaccelerator	*
f5	big-ip_webaccelerator	*
f5	enterprise_manager	*
f5	enterprise_manager	3.0.0
f5	firepass	*
f5	firepass	7.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "156989A4-23D9-434A-B512-9C0F3583D13D",
              "versionEndExcluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F20E6644-F925-4283-AD92-7B0696F52310",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0483E71B-931F-4566-AD6F-D5ABF64FFA06",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A1E3F1-F319-4A75-9211-29B273E76F03",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EDED2D2-B85B-4680-9970-A6CE3343422C",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06D3514D-B1C2-4304-96DA-A84847104AF6",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "142D050F-0D22-4D21-AB14-3AD0500A6D3F",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFC44375-AF21-4438-9FF9-244095DEA2B7",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "412829BD-A98B-4AD5-8B93-2C4C20AC15D8",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7C328A-E18A-425E-B38F-996CC96D402E",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1DB046D-1AC3-4F5C-95BF-31BBCE1C44BE",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
              "versionEndIncluding": "10.2.4",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD1D6A6-50A8-4794-8C7B-E3C3BC48A262",
              "versionEndIncluding": "11.1.0",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
              "versionEndIncluding": "2.3.0",
              "versionStartIncluding": "2.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
              "versionEndIncluding": "6.1.0",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
    },
    {
      "lang": "es",
      "value": "Las implementaciones de (1) IPv4 y (2) IPv6 en el kernel de Linux antes de v3.1 utiliza una versi\u00f3n modificada de algoritmo MD4 para generar n\u00fameros de secuencia y valores de los fragmentos de identificaci\u00f3n, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos causar una denegaci\u00f3n de servicio (red interrumpida) o secuestrar sesiones de red mediante la predicci\u00f3n de estos valores y el env\u00edo de paquetes manipulados."
    }
  ],
  "id": "CVE-2011-3188",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2012-05-24T23:55:02.213",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-93RR-WH56-P8FW

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24

Details

Severity ?

9.1 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-3188"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-05-24T23:55:00Z",
    "severity": "CRITICAL"
  },
  "details": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.",
  "id": "GHSA-93rr-wh56-p8fw",
  "modified": "2022-05-13T01:24:58Z",
  "published": "2022-05-13T01:24:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3188"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp;utm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bc0b96b54a21246e377122d54569eef71cec535f"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTA-2012-AVI-479

Vulnerability from certfr_avis - Published: 2012-09-03 - Updated: 2012-09-03

De multiples vulnérabilités ont été corrigées dans les produits VMware. Elles concernent les éléments d'éditeurs tiers implémentés dans les solutions. Les éléments suivants ont étés mis à jour :

Java Runtime Environment (JRE) ;
OpenSSL ;
le noyau ;
Perl ;
libxml2 ;
glibc ;
GnuTLS ;
popt et rpm ;
Apache struts.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware ESX version 4.1 ;
VMware	N/A	VMware vCO version 4.0.
VMware	N/A	VMware vCenter version 5.0 ;
VMware	N/A	VMware vCOps version 1.0.x ;
VMware	ESXi	VMware ESXi version 3.5 ;
VMware	N/A	VMware Update Manager version 5.0 ;
VMware	N/A	VMware Update Manager version 4.0 ;
VMware	N/A	VMware vCO version 4.1 ;
VMware	ESXi	VMware ESXi version 4.1 ;
VMware	N/A	VMware vCenter version 4.0 ;
VMware	N/A	VMware vCenter version 4.1 ;
VMware	N/A	VMware vCOps version 5.0.2 ;
VMware	ESXi	VMware ESXi version 4.0 ;
VMware	N/A	VMware VirtualCenter version 2.5 ;
VMware	N/A	VMware Update Manager version 4.1 ;
VMware	ESXi	VMware ESXi version 5.0 ;
VMware	N/A	VMware ESX version 4.0 ;
VMware	N/A	VMware ESX version 3.5 ;

References

Title

Publication Time

GSD-2011-3188

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-3188

Aliases

CVE-2011-3188

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-3188",
    "description": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.",
    "id": "GSD-2011-3188",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-3188.html",
      "https://www.debian.org/security/2011/dsa-2310",
      "https://www.debian.org/security/2011/dsa-2303",
      "https://access.redhat.com/errata/RHSA-2012:0010",
      "https://access.redhat.com/errata/RHSA-2011:1465",
      "https://access.redhat.com/errata/RHSA-2011:1419",
      "https://access.redhat.com/errata/RHSA-2011:1408",
      "https://access.redhat.com/errata/RHSA-2011:1386",
      "https://alas.aws.amazon.com/cve/html/CVE-2011-3188.html",
      "https://linux.oracle.com/cve/CVE-2011-3188.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-3188"
      ],
      "details": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.",
      "id": "GSD-2011-3188",
      "modified": "2023-12-13T01:19:09.422455Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2011-3188",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
          },
          {
            "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1",
            "refsource": "MISC",
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
          },
          {
            "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec",
            "refsource": "MISC",
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f",
            "refsource": "MISC",
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/08/23/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec",
            "refsource": "MISC",
            "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f",
            "refsource": "MISC",
            "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "name": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS",
            "refsource": "MISC",
            "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=732658",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.2.4",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.1.0",
                "versionStartIncluding": "6.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.4.0",
                "versionStartIncluding": "6.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.3.0",
                "versionStartIncluding": "2.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.1.0",
                "versionStartIncluding": "11.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-3188"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=732658",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
            },
            {
              "name": "[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1",
              "refsource": "CONFIRM",
              "tags": [
                "Mailing List",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
            },
            {
              "name": "HPSBGN02970",
              "refsource": "HP",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f"
            },
            {
              "name": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS",
              "refsource": "MISC",
              "tags": [],
              "url": "https://support.f5.com/csp/article/K15301?utm_source=f5support\u0026amp%3Butm_medium=RSS"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2023-02-13T04:32Z",
      "publishedDate": "2012-05-24T23:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-3188 (GCVE-0-2011-3188)

FKIE_CVE-2011-3188

GHSA-93RR-WH56-P8FW

CERTA-2012-AVI-479

Solution

GSD-2011-3188

Tags

Sightings

Nomenclature