Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.
References
Link | Resource |
---|---|
http://docs.info.apple.com/article.html?artnum=61798 | Patch Vendor Advisory |
http://lists.apple.com/mhonarc/security-announce/msg00038.html |
Configurations
Information
Published : 2003-11-02 21:00
Updated : 2008-09-05 13:35
NVD link : CVE-2003-0882
Mitre link : CVE-2003-0882
JSON object : View
CWE
Products Affected
apple
- mac_os_x