TCP Sequence Number Approximation Vulnerability

Support for security such as Firewalls and securing linux
Post by gguillen » 2012/05/15 18:11:56


We have a system that is running CentOS 6.2 (2.6.32-220.13.1.el6.x86_64) and we just ran a security audit on it. We're getting a vulnerability flag for a "TCP Sequence Number Approximation Vulnerability". From what I've read, this really isnt an issue with this system - this vulnerability just has an extremely high false positive rate. The issue is that I need to prove that there is no issue before the flag can be overridden. Where can I find documentation to back this up?

Post by pschaff » 2012/05/15 19:05:28

All security bugs reported to [url=]TUV[/url] are [url=]backported[/url] to the code base for release.

If your auditors have specific CVE numbers that they want you to check then:
rpm -q --changelog package_name | grep CVE-xxxx-xxxx
You can also google the [url=]CVE[/url] - for instance:

