Описание
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
Ссылки
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02089
Низкий
5 Medium
CVSS2
Дефекты
CWE-203
Связанные уязвимости
github
почти 4 года назад
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
EPSS
Процентиль: 84%
0.02089
Низкий
5 Medium
CVSS2
Дефекты
CWE-203