PT-1998-1067 · Openbsd+1 · Openbsd+1

Published

1998-02-01

Updated

2018-05-03

CVE-1999-0305

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenBSD versions 2.2 and earlier FreeBSD versions 2.2.5 and earlier

Description The system configuration control facility in BSD-based operating systems does not properly restrict source routed packets, even when the dosourceroute or forwarding variables are set. This allows remote attackers to spoof TCP connections.

Recommendations For OpenBSD versions 2.2 and earlier, update the system configuration to properly restrict source routed packets by adjusting the dosourceroute and forwarding variables. For FreeBSD versions 2.2.5 and earlier, update the system configuration to properly restrict source routed packets by adjusting the dosourceroute and forwarding variables.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-0305

Affected Products

Freebsd

Openbsd

PT-1998-1067 · Openbsd+1 · Openbsd+1

CVE-1999-0305

Related Identifiers

Affected Products

References · 4