CVE

Id
4902  
CVE No.
CVE-2002-0510  
Status
Candidate  
Description
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.  
Phase
Proposed (20020611)  
Votes
ACCEPT(3) Foat, Frech, Green | NOOP(3) Cole, Cox, Wall  
Comments
CHANGE> [Cox changed vote from REVIEWING to NOOP] | Cox> So I asked some kernel guys about this - it"s not considered | an issue. There are several other ways to identify Linux on | the wire and people who care about this kind of thing rewrite | their packets in various ways via firewall technology to trick | the identifier programs.  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
25111 4902 CVE-2002-0510 BUGTRAQ:20020319 Identifying Kernel 2.4.x based Linux machines using UDP  View
25112 4902 CVE-2002-0510 URL:http://www.securityfocus.com/archive/1/262840  View
25113 4902 CVE-2002-0510 BID:4314  View
25114 4902 CVE-2002-0510 URL:http://www.securityfocus.com/bid/4314  View
25115 4902 CVE-2002-0510 XF:linux-udp-fingerprint(8588)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63733 JVNDB-2002-000060 Linux Kernel の IP スタック実装におけるフィンガープリントの脆弱性 Linux Kernerl の IP スタックの実装において、UDP パケットデータグラムの IP Identification フィールドが常に 0 で送信されてしまうフィンガープリントの脆弱性が存在します。 CVE-2002-0510 4902 5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000060.html  View