TCP session hijack vulnerability in the net/ipv4/tcp_input.c in kernel via a blind in-window attack
|ID: oval:org.secpod.oval:def:36754||Date: (C)2016-08-12 (M)2017-10-12|
|Class: VULNERABILITY||Family: unix|
The host is installed with Linux kernel and is prone to a TCP session hijack vulnerability. A flaw is present in the application, which fails to handle a blind in-window attack. Successful exploitation allows man-in-the-middle attackers to hijack TCP sessions.
|Oracle Linux 6|
|Oracle Linux 7|