[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2002-0381Date: (C)2002-06-25   (M)2023-12-22


The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
http://online.securityfocus.com/archive/1/262733
20030604-01-I
BID-4309
OSVDB-5308
bsd-broadcast-address(8485)
http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137
http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110

CPE    3
cpe:/o:openbsd:openbsd
cpe:/o:netbsd:netbsd:2.0.4
cpe:/o:freebsd:freebsd:4.5

© SecPod Technologies