We have done a security check on a server and its come back with
Linux Kernel TCP Sequence Number Generation Security Weakness. We are looking to correct this being flagged up on the check
We are using CentOS 5.10 with kernel 2.6.18-371.9.1.el5
We have done a security check on a server and its come back with
Linux Kernel TCP Sequence Number Generation Security Weakness. We are looking to correct this being flagged up on the check
We are using CentOS 5.10 with kernel 2.6.18-371.9.1.el5
Sounds like CVE-2011-3188 which has been fixed since the RedHat kernel 2.6.18-274.7.1.el5.
So either that server isn't running the kernel you mention (installed but not rebooted?), it tested the wrong system (some transparent device between the check and the server?) or it is a false positive (unsure why).