CVE-2003-1230

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic.

Ссылки

http://secunia.com/advisories/8142/
Vendor Advisory
http://www.osvdb.org/19785
http://www.securityfocus.com/advisories/5013
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6920
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/11397
http://secunia.com/advisories/8142/
Vendor Advisory
http://www.osvdb.org/19785
http://www.securityfocus.com/advisories/5013
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6920
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/11397

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*

cpe:2.3:o:freebsd:freebsd:5.0:release:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00524

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-7hx3-c6gv-rvgg

github

почти 4 года назад