Lucene search

[email protected]CVE-2015-1417

HistoryJul 25, 2017 - 6:29 p.m.

CVE-2015-1417

2017-07-2518:29:00

CWE-400

[email protected]

web.nvd.nist.gov

freebsd

inet module

cve-2015-1417

vnet

denial of service

remote attackers

tcp connections

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections.

Affected configurations

NVD

Node

freebsdfreebsdMatch8.4-

freebsdfreebsdMatch8.4beta1

freebsdfreebsdMatch8.4p11

freebsdfreebsdMatch8.4p12

freebsdfreebsdMatch8.4p13

freebsdfreebsdMatch8.4p14

freebsdfreebsdMatch8.4p15

freebsdfreebsdMatch8.4p16

freebsdfreebsdMatch8.4p17

freebsdfreebsdMatch8.4p19

freebsdfreebsdMatch8.4p2

freebsdfreebsdMatch8.4p20

freebsdfreebsdMatch8.4p21

freebsdfreebsdMatch8.4p22

freebsdfreebsdMatch8.4p23

freebsdfreebsdMatch8.4p24

freebsdfreebsdMatch8.4p26

freebsdfreebsdMatch8.4p27

freebsdfreebsdMatch8.4p3

freebsdfreebsdMatch8.4p30

freebsdfreebsdMatch8.4p33

freebsdfreebsdMatch8.4p34

freebsdfreebsdMatch8.4p4

freebsdfreebsdMatch8.4p7

freebsdfreebsdMatch8.4p8

freebsdfreebsdMatch8.4p9

freebsdfreebsdMatch9.3-

freebsdfreebsdMatch9.3p1

freebsdfreebsdMatch9.3p10

freebsdfreebsdMatch9.3p12

freebsdfreebsdMatch9.3p13

freebsdfreebsdMatch9.3p16

freebsdfreebsdMatch9.3p19

freebsdfreebsdMatch9.3p2

freebsdfreebsdMatch9.3p20

freebsdfreebsdMatch9.3p3

freebsdfreebsdMatch9.3p5

freebsdfreebsdMatch9.3p6

freebsdfreebsdMatch9.3p7

freebsdfreebsdMatch9.3p8

freebsdfreebsdMatch9.3p9

freebsdfreebsdMatch10.1-

freebsdfreebsdMatch10.1p1

freebsdfreebsdMatch10.1p10

freebsdfreebsdMatch10.1p12

freebsdfreebsdMatch10.1p15

freebsdfreebsdMatch10.1p16

freebsdfreebsdMatch10.1p2

freebsdfreebsdMatch10.1p3

freebsdfreebsdMatch10.1p4

freebsdfreebsdMatch10.1p5

freebsdfreebsdMatch10.1p6

freebsdfreebsdMatch10.1p7

freebsdfreebsdMatch10.1p8

freebsdfreebsdMatch10.1p9

freebsdfreebsdMatch10.2-

CPENameOperatorVersion
freebsd:freebsdfreebsdeq8.4
freebsd:freebsdfreebsdeq9.3
freebsd:freebsdfreebsdeq10.1
freebsd:freebsdfreebsdeq10.2

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	8.4
freebsd:freebsd	freebsd	eq	9.3
freebsd:freebsd	freebsd	eq	10.1
freebsd:freebsd	freebsd	eq	10.2

References

www.securityfocus.com/bid/76112

www.securitytracker.com/id/1033111

www.freebsd.org/security/advisories/FreeBSD-SA-15:15.tcp.asc

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

Related for CVE-2015-1417

cvelist1 nvd1 freebsd1 nessus1 freebsd_advisory1 prion1 debiancve1