CVE-1999-0077
published 2007-09-06CVE-1999-0077: The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote…
medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
30.87%
98.0th percentile
The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
vendor_cisco·2001-03-01
CVE-1999-0077 Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
Cisco IOS�� Software contains a flaw that
permits the successful prediction of TCP Initial Sequence Numbers.
This vulnerability is present in all released versions of Cisco IOS
software running on Cisco routers and switches. It only affects the security of
TCP connections that originate or terminate on the affected Cisco device
itself; it does not apply to TCP traffic forwarded through the affected device
in transit between two other hosts.
To remove the vulnerability, Cisco is offering free software upgrades
for all affected platforms. The defect is described in DDTS record
CSCds04747.
Workarounds are available that limit or deny successful exploitation
of the vulnerability by filtering traffic containing forged
Red Hat
CVE-1999-0077: Predictable TCP sequence numbers allow spoofing
vendor_redhat·CVSS 5.0
CVE-1999-0077 [MEDIUM] CVE-1999-0077: Predictable TCP sequence numbers allow spoofing
Predictable TCP sequence numbers allow spoofing.
Statement: Not vulnerable. This issue did not affect the versions of the Linux kernel as
shipped with Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG. The Linux kernel has implemented secure random number generated initial TCP sequences to prevent TCP hijacking attacks since 1996.
Cisco
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
vendor_cisco
CVE-1999-0077 Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
CVE-1999-0077: Cisco IOS Software TCP Initial Sequence Number Randomization Improvements
Cisco IOS ?? Software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers. This vulnerability is present in all released versions of Cisco IOS software running on Cisco routers and switches. It only affects the security of TCP connections that originate or terminate on the affected Cisco device itself; it does not apply to TCP traffic forwarded through the affected device in transit between two other hosts. To remove the vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is described in DDTS record CSCds04747.
Bug IDs: CSCds04747, CSCds04747
VulDB
Microsoft Windows NT 4.0 TCP Sequence Number authentication spoofing (EDB-19522 / Nessus ID 10443)
vuldb·2026-04-16·CVSS 5.0
CVE-1999-0077 [MEDIUM] Microsoft Windows NT 4.0 TCP Sequence Number authentication spoofing (EDB-19522 / Nessus ID 10443)
A vulnerability, which was classified as critical, was found in Microsoft Windows NT 4.0. Affected is an unknown function of the component TCP Sequence Number Handler. Such manipulation leads to authentication bypass by spoofing.
This vulnerability is traded as CVE-1999-0077. The attack may be launched remotely. Furthermore, there is an exploit available. This vulnerability is notable in history due to its background and the response it received.
You should upgrade the affected component.
GHSA
GHSA-w5wj-83wg-9p94: The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows rem
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2007-4733 [MEDIUM] GHSA-w5wj-83wg-9p94: The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows rem
The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077.
No detection rules found.
CWE
Reliance on Security Through Obscurity
mitre_cwe·CVSS 5.0
[MEDIUM] CWE-656 Reliance on Security Through Obscurity
CWE-656: Reliance on Security Through Obscurity
The product uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient to defeat the mechanism.
This reliance on "security through obscurity" can produce resultant weaknesses if an attacker is able to reverse engineer the inner workings of the mechanism. Note that obscurity can be one small part of defense in depth, since it can create more work for an attacker; however, it is a significant risk if used as the primary means of protection.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Common Consequences:
Scope: Confidentiality,
CWE
Violation of Secure Design Principles
mitre_cwe
CWE-657 Violation of Secure Design Principles
CWE-657: Violation of Secure Design Principles
The product violates well-established principles for secure design.
This can introduce resultant weaknesses or make it easier for developers to introduce related weaknesses during implementation. Because code is centered around design, it can be resource-intensive to fix design problems.
Modes of Introduction:
Phase: Architecture and Design
Common Consequences:
Scope: Other. Impact: Other.
Examples:
Switches may revert their functionality to that of hubs when the table used to map ARP information to the switch interface overflows, such as when under a spoofing attack. This results in traffic being broadcast to an eavesdropper, instead of being sent only on the relevant switch interface. To mitigate this type of problem, the developer coul
CWE
Predictable Exact Value from Previous Values
mitre_cwe·CVSS 6.4
[MEDIUM] CWE-342 Predictable Exact Value from Previous Values
CWE-342: Predictable Exact Value from Previous Values
An exact value or random number can be precisely predicted by observing previous values.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Common Consequences:
Scope: Other. Impact: Varies by Context.
Potential Mitigations:
Increase the entropy used to seed a PRNG.
[Architecture and Design] Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
[Implementation] Use a PRNG that periodically re-seeds itself using input from high-quality sources, such as hardware devices with high entropy. However, do not re-seed too frequently, or else the entropy source might block.
Observed Examples:
CVE-2002-1463: Fi
http://osvdb.org/45877http://securityreason.com/securityalert/3093http://securitytracker.com/id?1018641http://www.securityfocus.com/archive/1/478314/100/0/threadedhttp://osvdb.org/45877http://securityreason.com/securityalert/3093http://securitytracker.com/id?1018641http://www.securityfocus.com/archive/1/478314/100/0/threaded
2007-09-06
Published