5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.4%
BSD operating systems contain an issue in the handling of the TCP session timer, which may lead to a denial-of-service (DoS) vulnerability.
When a sepcially crafted packet from a malicious server is received, a condition where client resources are not released may occur. As a result, clients using an OS listed under “Affected Systems” may be vulnerable to a denial-of-service (DoS) attack.
Apply an Update
Update to the latest version according to the information provided by the OS developer or distributor.
Operating systems that implement the BSD IP stack based on Net/2 are affected by this vulnerability.
FreeBSD version 5.4 has been confirmed to be vulnerable.