PT-2008-2741 · Freebsd+3

Amit Klein · Published 2008-03-04 · Updated 2017-08-08 · CVE-2008-1147

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

OpenBSD versions 2.6 through 3.4
Mac OS X versions 10 through 10.5.1
FreeBSD versions 4.4 through 7.0
DragonFlyBSD versions 1.0 through 1.10.1

Description

A pseudo-random number generator (PRNG) algorithm, known as "Algorithm X2", is used in various operating systems. This algorithm allows remote attackers to guess sensitive values, such as IP fragmentation IDs, by observing a sequence of previously generated values. This issue can be leveraged for attacks, including injection into TCP packets and OS fingerprinting.

Recommendations

For OpenBSD versions 2.6 through 3.4, update to a version that uses a secure PRNG algorithm.
For Mac OS X versions 10 through 10.5.1, update to a version that uses a secure PRNG algorithm.
For FreeBSD versions 4.4 through 7.0, update to a version that uses a secure PRNG algorithm.
For DragonFlyBSD versions 1.0 through 1.10.1, update to a version that uses a secure PRNG algorithm.

Fix


Related identifiers

CVE-2008-1147

Affected products

Dragonflybsd
Freebsd
Macos X
Openbsd