TCP session hijack vulnerability in the net/ipv4/tcp_input.c in kernel via a blind in-window attack
|ID: oval:org.secpod.oval:def:36751||Date: (C)2016-08-12 (M)2018-01-05|
|Class: VULNERABILITY||Family: unix|
The host is installed with Linux kernel and is prone to a TCP session hijack vulnerability. A flaw is present in the application, which fails to handle a blind in-window attack. Successful exploitation allows man-in-the-middle attackers to hijack TCP sessions.