CVE-2011-3188

Published on: 05/24/2012 12:00:00 AM UTC

Last Modified on: 02/13/2023 04:32:00 AM UTC

CVE-2011-3188

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Certain versions of Arx from F5 contain the following vulnerability:

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

  • CVE-2011-3188 has been assigned by URL Logo seca[email protected] to track the vulnerability - currently rated as CRITICAL severity.

CVSS3 Score: 9.1 - CRITICAL

Attack
Vector 		Attack
Complexity		 Privileges
Required		 User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
UNCHANGED NONE HIGH HIGH

CVSS2 Score: 6.4 - MEDIUM

Access
Vector		 Access
Complexity		 Authentication
NETWORK LOW NONE
Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
NONE PARTIAL PARTIAL

CVE References

Description Tags Link
oss-security - Re: CVE request: kernel: change in how tcp seq numbers are generated Mailing List
Patch
Third Party Advisory
www.openwall.com
text/html
 URL Logo MLIST [oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated
kernel/git/torvalds/linux.git - Linux kernel source tree web.archive.org
text/html
Inactive LinkNot Archived
 URL Logo MISC git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
Mailing List
Patch
Vendor Advisory
www.kernel.org
text/plain
 URL Logo CONFIRM www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
crypto: Move md5_transform to lib/md5.c · torvalds/linux@bc0b96b · GitHub Patch
Third Party Advisory
github.com
text/html
 URL Logo CONFIRM github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f
No Description Provided Third Party Advisory
support.f5.com
text/html
 URL Logo CONFIRM support.f5.com/csp/article/K15301?utm_source=f5support&utm_medium=RSS
net: Compute protocol sequence numbers and fragment IDs using MD5. · torvalds/linux@6e5714e · GitHub Patch
Third Party Advisory
github.com
text/html
 URL Logo CONFIRM github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
No Description Provided support.f5.com
text/html
 URL Logo MISC support.f5.com/csp/article/K15301?utm_source=f5support&%3Butm_medium=RSS
'[security bulletin] HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server ' - MARC Mailing List
Third Party Advisory
marc.info
text/html
 URL Logo HP HPSBGN02970
No Description Provided Mailing List
Patch
Vendor Advisory
git.kernel.org
text/html
Inactive LinkNot Archived
 URL Logo MISC git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
Bug 732658 – CVE-2011-3188 kernel: net: improve sequence number generation Issue Tracking
Patch
Third Party Advisory
bugzilla.redhat.com
text/html
 URL Logo CONFIRM bugzilla.redhat.com/show_bug.cgi?id=732658
By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationF5ArxAllAllAllAll
ApplicationF5Big-ip Access Policy ManagerAllAllAllAll
ApplicationF5Big-ip Access Policy ManagerAllAllAllAll
ApplicationF5Big-ip AnalyticsAllAllAllAll
ApplicationF5Big-ip Application Security ManagerAllAllAllAll
ApplicationF5Big-ip Application Security ManagerAllAllAllAll
ApplicationF5Big-ip Edge GatewayAllAllAllAll
ApplicationF5Big-ip Edge GatewayAllAllAllAll
ApplicationF5Big-ip Global Traffic ManagerAllAllAllAll
ApplicationF5Big-ip Global Traffic ManagerAllAllAllAll
ApplicationF5Big-ip Link ControllerAllAllAllAll
ApplicationF5Big-ip Link ControllerAllAllAllAll
ApplicationF5Big-ip Local Traffic ManagerAllAllAllAll
ApplicationF5Big-ip Local Traffic ManagerAllAllAllAll
ApplicationF5Big-ip Protocol Security ModuleAllAllAllAll
ApplicationF5Big-ip Protocol Security ModuleAllAllAllAll
ApplicationF5Big-ip Wan Optimization ManagerAllAllAllAll
ApplicationF5Big-ip Wan Optimization ManagerAllAllAllAll
ApplicationF5Big-ip WebacceleratorAllAllAllAll
ApplicationF5Big-ip WebacceleratorAllAllAllAll
ApplicationF5Enterprise Manager3.0.0AllAllAll
ApplicationF5Enterprise Manager3.0.0AllAllAll
ApplicationF5Enterprise ManagerAllAllAllAll
ApplicationF5Firepass7.0.0AllAllAll
ApplicationF5Firepass7.0.0AllAllAll
ApplicationF5FirepassAllAllAllAll
Operating
System		LinuxLinux KernelAllAllAllAll
Operating
System		LinuxLinux KernelAllAllAllAll
Operating
System		RedhatEnterprise Linux4.0AllAllAll
Operating
System		RedhatEnterprise Linux4.0AllAllAll
  • cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*:
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report