6.9 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.2%
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
CPE | Name | Operator | Version |
---|---|---|---|
bsd:bsd | bsd | eq | 4.3 |
freebsd:freebsd | freebsd | eq | 5.4 |
netbsd:netbsd | netbsd | eq | 2.0 |
openbsd:openbsd | openbsd | eq | 3.6 |