Affected Software/OS:
TCP/IPv4 implementations that implement RFC1323.
Vulnerability Insight:
The remote host implements TCP timestamps, as defined by RFC1323.
Vulnerability Detection Method:
Special IP packets are forged and sent with a little delay in between to the target IP. The responses are searched for a timestamps. If found, the timestamps are reported.
Details: TCP timestamps (OID: 1.3.6.1.4.1.25623.1.0.80091)
Version used: $Revision: 7277 $
CVSS Base Score: 2.6 (CVSS2#: AV:N/AC:H/Au:N/C:P/I:N/A:N)
References:
Other: http://www.ietf.org/rfc/rfc1323.txt
You can see how to resolve this vulnerability from the software vendors. Additionally, there are references if you need more information. You’ll also see the result of feeding details about the vulnerability into the Common Vulnerability Scoring System (CVSS), which produces a score that gives a sense of how serious the vulnerability is. You can get a better sense of the details if you understand how to read the CVSS vector. For example, the preceding CVSS value indicates the attack vector (AV) is over the network. The attack complexity is high, which means attackers need to be skilled for any attack on the vulnerability to be successful. The rest can be looked up with explanations at the CVSS website.
Exploiting Systems
With exploits, you can think about a payload. A payload determines what will happen when the exploit is successful. It’s the code that is run after the execution flow of the program has been compromised. Different payloads will present you with different interfaces. Not all payloads will work with all exploits. If you want to see the list of potential payloads that are compatible with the exploit you want to run, you can type show payloads after you have loaded the module. This presents you a list such as the one shown in Example 5-17. All of these payloads present a Unix shell so you can type shell commands. The reason all of them show a Unix shell is that distcc is a Unix service.