- Description
- The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
- Source
- vultures@jpcert.or.jp
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsd:bsd:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "388BB5C2-53B3-4597-913C-7D86E585CCD5"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9"
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3C3F588-98DA-4F6F-A083-2B9EE534C561"
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]