https://www.exploit-db.com/exploits/19522
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-199501-001

可预测的TCP序列号允许欺骗。

source: http://www.securityfocus.com/bid/670/info

A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls.

The function 'secure_tcp_sequence_number' in the file 'drivers/char/random.c' at line 1684 is used to generate the initial sequence number. It used the MD4 hash with a set of inputs to generate the new ISN. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/19522.tar.gz

来源:XF
名称:tcp-seq-predict(139)
链接:http://xforce.iss.net/static/139.php