Network Vulnerability Assessment Report
21.06.2005
Sorted by host names

Session name: HT-HWR54GStart Time:21.06.2005 18:41:53
Finish Time:21.06.2005 18:52:14
Elapsed:0 day(s) 00:10:20
Total records generated:6
high severity:1
Medium severity:0
informational:5


10.0.0.38

ServiceSeverityDescription
www (80/tcp)
Info
Port is open
general/tcp
High

The remote host seems to generate Initial Sequence Numbers (ISN) in a weak
manner which seems to solely depend on the source and dest port of the TCP
packets.

An attacker may exploit this flaw to establish spoofed connections to the
remote host.

The Raptor Firewall and Novell Netware are known to be vulnerable to this
flaw, although other network devices may be vulnerable as well.


Solution :

If you are using a Raptor Firewall, see
http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html

Otherwise, contact your vendor for a patch.

Reference : http://online.securityfocus.com/archive/1/285729

Risk factor : High
CVE : CAN-2002-1463
BID : 5387, 8652
general/tcp
Info
10.0.0.38 resolves as HWR54G.ixbt.lab.
www (80/tcp)
Info
The remote web server type is :

IP_SHARER WEB 1.0


general/udp
Info
For your information, here is the traceroute to 10.0.0.38 :
10.0.0.59
10.0.0.38

www (80/tcp)
Info
A web server is running on this port