CVE-2014-7250

Name of the Vulnerable Software and Affected Versions FreeBSD version 5.4 NetBSD versions possibly 2.0 OpenBSD versions possibly 3.6

Description The issue is related to the TCP stack implementation, specifically the session timer, which can be exploited by remote attackers to cause a denial of service through resource consumption by sending crafted packets.

Recommendations For FreeBSD version 5.4, update the TCP stack implementation to properly handle session timers. For NetBSD versions possibly 2.0, consider disabling the vulnerable TCP stack functionality until a proper fix is available. For OpenBSD versions possibly 3.6, restrict access to the TCP stack to minimize the risk of exploitation.