The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
References
Link | Resource |
---|---|
http://jvn.jp/en/jp/JVN07930208/index.html | Vendor Advisory |
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134 | Vendor Advisory |
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2014-12-12T02:00:00
Updated: 2014-12-12T02:57:00
Reserved: 2014-09-30T00:00:00
Link: CVE-2014-7250
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-12-12T03:03:47.817
Modified: 2014-12-12T20:28:21.973
Link: CVE-2014-7250
JSON object: View
Redhat Information
No data.
CWE