Buffalo Forums

: AirStation HP N300 DD-WRT CVE-2002-1463 ISN vulnerability
: DoctorDOS November 05, 2018, 01:06:20 PM
A customer has a dedicated Internet connection for their point of sale debit machine. In order to pass PCI compliance they have to have their network scanned by a third party (https://www.pcicomplianceguide.org/faq/). It's basically a NESSUS scan. The AIRSTATION_HIGHPOWER_N300_DD-WRT with the most recent firmware failed that test. From the report...

The remote host seems to generate Initial Sequence Numbers (ISN) in a weak
manner which seems to solely depend on the source and dest port of the TCP

This is a bug that goes way back to 2002 that should have been patched with kernel V 2.4.  Any suggestions or alternative FW that we could try?  I did download the latest DD-WRT FW but it would not load from the web interface and I don't wish to brick the unit.
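
Added example (not part of the original post and not the scanner's own logic): one way to re-check the reported condition after a firmware change is to record the ISNs the router returns in SYN-ACKs across repeated connections and test whether the same source/destination port pair always yields the same ISN. The function name, the verdict labels and the sample values are assumptions constructed for illustration; the samples are assumed to come from a packet capture of your own test connections.

```python
from collections import defaultdict

def classify_isn_samples(samples, min_repeats=2):
    """samples: iterable of (src_port, dst_port, isn) taken from SYN-ACKs
    sent by the device under test. A generator that mixes in a timer or a
    secret (as in RFC 6528) returns different ISNs when the same port pair
    is reused; one that depends only on the ports returns the same value."""
    by_ports = defaultdict(list)
    for src_port, dst_port, isn in samples:
        by_ports[(src_port, dst_port)].append(isn & 0xFFFFFFFF)

    # Only port pairs seen more than once can show whether the ISN is fixed.
    repeated = {k: v for k, v in by_ports.items() if len(v) >= min_repeats}
    fixed = sorted(k for k, v in repeated.items() if len(set(v)) == 1)

    if not repeated:
        verdict = "inconclusive"   # no port pair was reused in the capture
    elif len(fixed) == len(repeated):
        verdict = "weak"           # every reused pair gave an identical ISN
    elif fixed:
        verdict = "suspect"        # some reused pairs gave an identical ISN
    else:
        verdict = "varies"         # ISN changed on every reuse
    return {"verdict": verdict,
            "repeated_pairs": len(repeated),
            "fixed_pairs": fixed}

# Constructed sample data: ISN derived from the ports only.
WEAK_SAMPLES = [
    (40001, 80, 0x9C410050), (40002, 80, 0x9C420050),
    (40001, 80, 0x9C410050), (40002, 80, 0x9C420050),
    (40003, 443, 0x9C4301BB),
]
# Constructed sample data: ISN differs each time a port pair is reused.
VARYING_SAMPLES = [
    (40001, 80, 0x1A2B3C4D), (40001, 80, 0x77F0E1D2),
    (40002, 80, 0x0BADF00D), (40002, 80, 0xC0FFEE11),
]

if __name__ == "__main__":
    print(classify_isn_samples(WEAK_SAMPLES))
    print(classify_isn_samples(VARYING_SAMPLES))
```

A "varies" verdict only shows that the ISN is not a pure function of the ports; it does not measure how unpredictable the values are.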