Vulnerability Name: | CVE-2002-0381 (CCN-8485) |
Assigned: | 2002-03-17 |
Published: | 2002-03-17 |
Updated: | 2008-09-05 |
Summary: | The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.
|
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): None Availibility (A): None |
|
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): None | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): None |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | Bypass Security |
References: | Source: CCN Type: SGI Security Advisory 20030604-01-I Imperfect Broadcast Address Checking
Source: SGI Type: UNKNOWN 20030604-01-I
Source: CCN Type: BugTraq Mailing List, Sat Mar 16 2002 - 19:30:53 CST TCP Connections to a Broadcast Address on BSD-Based Systems
Source: MITRE Type: CNA CVE-2002-0381
Source: CCN Type: NetBSD source level patch for tcp_input.c /ftp/cvs/cvsroot/src/sys/netinet/tcp_input.c 1.136 to 1.137 diffs
Source: CONFIRM Type: UNKNOWN http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137
Source: BUGTRAQ Type: Exploit, Patch, Vendor Advisory 20020317 TCP Connections to a Broadcast Address on BSD-Based Systems
Source: CCN Type: FreeBSD, Inc. Problem Report misc/35022 network broadcast addresses may be used for communications with the system just as well as if it was her own.
Source: MISC Type: Patch, Vendor Advisory http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022
Source: XF Type: UNKNOWN bsd-broadcast-address(8485)
Source: CCN Type: OpenBSD source level patch for tcp_input.c /ftp/cvs/cvsroot/src/sys/netinet/tcp_input.c 1.109 to 1.110 diffs
Source: CONFIRM Type: UNKNOWN http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110
Source: OSVDB Type: UNKNOWN 5308
Source: CCN Type: OSVDB ID: 5308 Multiple BSD Broadcast Address Filter Bypass
Source: BID Type: UNKNOWN 4309
Source: CCN Type: BID-4309 BSD TCP/IP Broadcast Connection Check Vulnerability
Source: XF Type: UNKNOWN bsd-broadcast-address(8485)
|
Vulnerable Configuration: | Configuration 1: cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:* (Version <= 4.5)OR cpe:/o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*OR cpe:/o:openbsd:openbsd:*:*:*:*:*:*:*:* Configuration CCN 1: cpe:/o:freebsd:freebsd:2.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.0:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.3:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.1:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.0:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.3:-:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.4:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:5.0:-:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.5:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.4:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.1:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.5:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.2:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.3:-:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*OR cpe:/o:openbsd:openbsd:3.0:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.4:-:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.14:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:4.5:-:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.15:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.16:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.0:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.1:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.10f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.10m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.11f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.11m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.12f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.12m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.13f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.13m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.14f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.14m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.15f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.15m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.2f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.2m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.3f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.3m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.4f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.4m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.5f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.5m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.6f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.6m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.7f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.7m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.8f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.8m:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.9f:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:6.5.9m:*:*:*:*:*:*:*
Denotes that component is vulnerable |
BACK |