Lucene search

[email protected]CVE-2001-0969

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0969

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

freebsd

ipfw

arbitrary remote connections

vulnerability

nvd

cve-2001-0969

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.7%

JSON

ipfw in FreeBSD does not properly handle the use of “me” in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.

Affected configurations

NVD

Node

freebsdfreebsdMatch4.3

CPENameOperatorVersion
freebsd:freebsdfreebsdeq4.3

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	4.3

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:53.ipfw.asc

www.osvdb.org/1937

www.securityfocus.com/bid/3206

exchange.xforce.ibmcloud.com/vulnerabilities/7002

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.7%

JSON

Related for CVE-2001-0969

cvelist1 nvd1