Описание
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
Ссылки
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02089
Низкий
5 Medium
CVSS2
Дефекты
CWE-203
Связанные уязвимости
github
больше 3 лет назад
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
EPSS
Процентиль: 83%
0.02089
Низкий
5 Medium
CVSS2
Дефекты
CWE-203