Japan Vulnerability NotesJVN:07930208JVN#07930208: BSD Operating Systems vulnerable to denial-of-service (DoS)
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.4%
BSD operating systems contain an issue in the handling of the TCP session timer, which may lead to a denial-of-service (DoS) vulnerability.
Impact
When a sepcially crafted packet from a malicious server is received, a condition where client resources are not released may occur. As a result, clients using an OS listed under “Affected Systems” may be vulnerable to a denial-of-service (DoS) attack.
Solution
Apply an Update
Update to the latest version according to the information provided by the OS developer or distributor.
Products Affected
Operating systems that implement the BSD IP stack based on Net/2 are affected by this vulnerability.
FreeBSD version 5.4 has been confirmed to be vulnerable.
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.4%