Lucene search
HistoryDec 12, 2014 - 3:03 a.m.
CVE-2014-7250
cve-2014-7250
tcp stack
denial of service
resource consumption
4.3bsd net/2
freebsd
netbsd
openbsd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.4%
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
Affected configurations
Node
bsdbsdMatch4.3
ORfreebsdfreebsdMatch5.4
ORnetbsdnetbsdMatch2.0
ORopenbsdopenbsdMatch3.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| bsd:bsd | bsd | eq | 4.3 |
| freebsd:freebsd | freebsd | eq | 5.4 |
| netbsd:netbsd | netbsd | eq | 2.0 |
| openbsd:openbsd | openbsd | eq | 3.6 |
Related
debiancve
debiancve
CVE-2014-7250
2014-12-12 03:03:47
cvelist
cvelist
CVE-2014-7250
2014-12-12 02:00:00
nvd
nvd
CVE-2014-7250
2014-12-12 03:03:47
prion
prion
Session fixation
2014-12-12 03:03:00
jvn
jvn
JVN#07930208: BSD Operating Systems vulnerable to denial-of-service (DoS)
2014-11-21 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.4%
Related for CVE-2014-7250