CVE-2011-3188

Published May 24, 2012

Last updated 2 years ago

CVSS critical 9.1

Overview

Description: The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.1
Impact score: 5.2
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "156989A4-23D9-434A-B512-9C0F3583D13D",
            "versionEndExcluding": "3.1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:arx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F20E6644-F925-4283-AD92-7B0696F52310",
            "versionEndIncluding": "6.4.0",
            "versionStartIncluding": "6.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79618AB4-7A8E-4488-8608-57EC2F8681FE",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0483E71B-931F-4566-AD6F-D5ABF64FFA06",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47A1E3F1-F319-4A75-9211-29B273E76F03",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "667D3780-3949-41AC-83DE-5BCB8B36C382",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EDED2D2-B85B-4680-9970-A6CE3343422C",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8347412-DC42-4B86-BF6E-A44A5E1541ED",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06D3514D-B1C2-4304-96DA-A84847104AF6",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "142D050F-0D22-4D21-AB14-3AD0500A6D3F",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFC44375-AF21-4438-9FF9-244095DEA2B7",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "412829BD-A98B-4AD5-8B93-2C4C20AC15D8",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C0B4C01-C71E-4E35-B63A-68395984E033",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF7C328A-E18A-425E-B38F-996CC96D402E",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1DB046D-1AC3-4F5C-95BF-31BBCE1C44BE",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4",
            "versionEndIncluding": "10.2.4",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BD1D6A6-50A8-4794-8C7B-E3C3BC48A262",
            "versionEndIncluding": "11.1.0",
            "versionStartIncluding": "11.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ADD1B04-9F78-40B3-8314-6935277073B0",
            "versionEndIncluding": "2.3.0",
            "versionStartIncluding": "2.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:enterprise_manager:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "125C8A19-4F51-42DD-BA11-F299721EFBB5"
          },
          {
            "criteria": "cpe:2.3:a:f5:firepass:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15CE213B-F42C-4C2E-AFBD-852AB049FF8A",
            "versionEndIncluding": "6.1.0",
            "versionStartIncluding": "6.0.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:firepass:7.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "442D343A-973B-4C33-B99B-1EA2B7670DE5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References