Lucene search

[email protected]CVE-2000-1167

HistoryJan 09, 2001 - 5:00 a.m.

CVE-2000-1167

2001-01-0905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-1167

freebsd 4.1.1

ppp utility

remote attack

system vulnerability

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the “nat deny_incoming” command, which allows remote attackers to connect to the target system.

CPENameOperatorVersion
freebsd:freebsdfreebsdeq4.1.1
freebsd:freebsdfreebsdeq3.5.1
freebsd:freebsdfreebsdeq4.1
freebsd:freebsdfreebsdeq4.0
freebsd:freebsdfreebsdeq3.5

CPE	Name	Operator	Version
freebsd:freebsd	freebsd	eq	4.1.1
freebsd:freebsd	freebsd	eq	3.5.1
freebsd:freebsd	freebsd	eq	4.1
freebsd:freebsd	freebsd	eq	4.0
freebsd:freebsd	freebsd	eq	3.5

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:70.ppp-nat.asc

www.osvdb.org/1655

www.securityfocus.com/bid/1974

exchange.xforce.ibmcloud.com/vulnerabilities/5584

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON