TCP Sequence Number Approximation Vulnerability

Support for security such as Firewalls and securing linux
Post Reply
Posts: 1
Joined: 2012/05/15 18:06:21

TCP Sequence Number Approximation Vulnerability

Post by gguillen » 2012/05/15 18:11:56


We have a system that is running CentOS 6.2 (2.6.32-220.13.1.el6.x86_64) and we just ran a security audit on it. We're getting a vulnerability flag for a "TCP Sequence Number Approximation Vulnerability". From what I've read, this really isnt an issue with this system - this vulnerability just has an extremely high false positive rate. The issue is that I need to prove that there is no issue before the flag can be overridden. Where can I find documentation to back this up?

Thank you ahead of time.

Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

TCP Sequence Number Approximation Vulnerability

Post by pschaff » 2012/05/15 19:05:28

All security bugs reported to [url=]TUV[/url] are [url=]backported[/url] to the code base for release.

If your auditors have specific CVE numbers that they want you to check then:
rpm -q --changelog package_name | grep CVE-xxxx-xxxx
You can also google the [url=]CVE[/url] - for instance:

Post Reply

Return to “CentOS 6 - Security Support”