CVE-2008-1147
published 2008-03-04CVE-2008-1147: A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS…
PriorityP429medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.77%
75.4th percentile
A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cosmicperl | directory_pro | — | — |
| darwin | darwin | — | — |
| darwin | darwin | — | — |
| msrc | microsoft_net_framework_2.0_service_pack_2 | — | — |
| msrc | microsoft_net_framework_3.0_service_pack_2 | — | — |
| msrc | microsoft_net_framework_3.5 | — | — |
| msrc | microsoft_net_framework_3.5.1 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.6_4.6.1_4.6.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.7.1_4.7.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.7.2 | — | — |
| msrc | microsoft_net_framework_3.5_and_4.8 | — | — |
| msrc | microsoft_net_framework_4.5.2 | — | — |
| msrc | microsoft_net_framework_4.6 | — | — |
| msrc | microsoft_net_framework_4.6_4.6.1_4.6.2_4.7_4.7.1_4.7.2 | — | — |
| msrc | microsoft_net_framework_4.8 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2013_service_pack_1 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_server_2010_service_pack_2 | — | — |
| msrc | microsoft_sharepoint_server_2019 | — | — |
| msrc | microsoft_visual_studio_2017_version_15.9 | — | — |
| msrc | net_core_2.1 | — | — |
| msrc | net_core_3.1 | — | — |
| navision | financials_server | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_msrc7.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/bugtraq/2008/Feb/0052.htmlhttp://seclists.org/bugtraq/2008/Feb/0063.htmlhttp://secunia.com/advisories/28819http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype=http://www.securiteam.com/securityreviews/5PP0H0UNGW.htmlhttp://www.securityfocus.com/archive/1/487658http://www.securityfocus.com/bid/27647http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/40329https://exchange.xforce.ibmcloud.com/vulnerabilities/41155http://seclists.org/bugtraq/2008/Feb/0052.htmlhttp://seclists.org/bugtraq/2008/Feb/0063.htmlhttp://secunia.com/advisories/28819http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10%3Bcontenttype=http://www.securiteam.com/securityreviews/5PP0H0UNGW.htmlhttp://www.securityfocus.com/archive/1/487658http://www.securityfocus.com/bid/27647http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/40329https://exchange.xforce.ibmcloud.com/vulnerabilities/41155
2008-03-04
Published