| Vulnerability Name: | CVE-2005-2019 (CCN-21201) | ||||||||
| Assigned: | 2005-06-29 | ||||||||
| Published: | 2005-06-29 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-05:13 ipfw packet matching errors with address tables Source: FREEBSD Type: Vendor Advisory FreeBSD-SA-05:13 Source: MITRE Type: CNA CVE-2005-2019 Source: CCN Type: OSVDB ID: 17676 FreeBSD ipfw Cached Entry Packet Matching Issue Source: CCN Type: BID-14102 FreeBSD IPFW Address Table Lookup Atomicity Error Firewall Rule Bypass Vulnerability Source: XF Type: UNKNOWN ipfw-firewall-bypass(21201) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||