Wind River VxWorks CVE-2015-3963 Predictable TCP Initial Sequence Security Bypass Vulnerability

Bugtraq ID: 75302
Class: Design Error
CVE: CVE-2015-3963
Remote: Yes
Local: No
Published: Jun 18 2015 12:00AM
Updated: Oct 26 2016 05:09AM
Credit: Raheem Beyah, David Formby, and San Shin Jung of Georgia Tech.
Vulnerable: Xerox Phaser 3635MFP 0
Windriver VxWorks 7
Windriver VxWorks 6.9
Windriver VxWorks 6.8
Windriver VxWorks 6.7
Windriver VxWorks 6.6
Schneider-Electric SAGE 3030 RTU 0
Schneider-Electric SAGE 3030 Magnum RTU 0
Schneider-Electric SAGE 2400 RTU 0
Schneider-Electric SAGE 2200 RTU 0
Schneider-Electric SAGE 1450 RTU 0
Schneider-Electric SAGE 1430 RTU 0
Schneider-Electric SAGE 1410 RTU 0
Schneider-Electric SAGE 1350 RTU 0
Schneider-Electric SAGE 1330 RTU 0
Schneider-Electric SAGE 1310 RTU 0
Schneider-Electric SAGE 1250 RTU 0
Schneider-Electric SAGE 1230 RTU 0
Schneider-Electric SAGE 1210 RTU 0
ABB RTU500 Series 11.3
Not Vulnerable: Xerox Phaser 3635MFP 20.105.54.000
Windriver VxWorks 6.8.3
Windriver VxWorks 5.5.1
Windriver VxWorks 6.9.4.4
Windriver VxWorks 6.7.1.1
Windriver VxWorks 6.4
Windriver VxWorks 6.0
Schneider-Electric SAGE 3030 Magnum RTU C3414-500-S02J2
Schneider-Electric SAGE 2400 RTU C3414-500-S02J2
Schneider-Electric SAGE 1450 RTU C3414-500-S02J2
Schneider-Electric SAGE 1430 RTU C3414-500-S02J2
Schneider-Electric SAGE 1410 RTU C3414-500-S02J2
ABB RTU500 Series 11.4.1


 

Privacy Statement
Copyright 2010, SecurityFocus