Common Vulnerabilities and Exposures assigned an identifier CVE-2001-0328 to the following vulnerability: TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN. References: [1] ftp://patches.sgi.com/support/free/security/advisories/20030201-01-P [2] http://www.cert.org/advisories/CA-2001-09.html [3] http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4922 [4] http://secunia.com/advisories/8044 [5] http://securityreason.com/securityalert/57 Further Linux kernel related references: [6] http://lkml.indiana.edu/hypermail/linux/kernel/9605.2/0101.html [7] http://lwn.net/Articles/455270/ [8] http://lwn.net/Articles/455131/ [9] http://lwn.net/Articles/455135/ [10] http://www.ietf.org/rfc/rfc1948.txt [11] http://comments.gmane.org/gmane.linux.network.general/1056
Statement: This issue did NOT affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.