Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD6D472244-6007-11E6-A6C3-14DAE9D210B8
HistoryApr 30, 2014 - 12:00 a.m.

FreeBSD -- TCP reassembly vulnerability

2014-04-3000:00:00
vuxml.freebsd.org
12

0.106 Low

EPSS

Percentile

95.0%

JSON

Problem Description:
FreeBSD may add a reassemble queue entry on the stack
into the segment list when the reassembly queue reaches its
limit. The memory from the stack is undefined after the
function returns. Subsequent iterations of the reassembly
function will attempt to access this entry.
Impact:
An attacker who can send a series of specifically crafted
packets with a connection could cause a denial of service
situation by causing the kernel to crash.
Additionally, because the undefined on stack memory may
be overwritten by other kernel threads, while extremely
difficult, it may be possible for an attacker to construct
a carefully crafted attack to obtain portion of kernel
memory via a connected socket. This may result in the
disclosure of sensitive information such as login credentials,
etc. before or even without crashing the system.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfreebsd-kernel= 8.4UNKNOWN
FreeBSDanynoarchfreebsd-kernel< 8.4_9UNKNOWN

Related

securityvulns 2
prion 1
cve 1
nessus 3
debiancve 1
checkpoint_security 1
f5 2
cvelist 1
freebsd_advisory 1
osv 1
debian 1
openvas 2
checkpoint_advisories 1
securityvulns
securityvulns
FreeBSD TCP fragments memory corruptions
2014-05-01 00:00:00
FreeBSD Security Advisory FreeBSD-SA-14:08.tcp
2014-05-01 00:00:00
prion
prion
Code injection
2014-05-02 14:55:00
cve
cve
CVE-2014-3000
2014-05-02 14:55:00
nessus
nessus
FreeBSD : FreeBSD -- TCP reassembly vulnerability (6d472244-6007-11e6-a6c3-14dae9d210b8)
2016-08-12 00:00:00
pfSense < 2.1.3 Remote Denial of Service Vulnerability (SA-14_05)
2018-01-31 00:00:00
Debian DSA-2952-1 : kfreebsd-9 - security update
2014-06-09 00:00:00
debiancve
debiancve
CVE-2014-3000
2014-05-02 14:55:00
checkpoint_security
checkpoint_security
Check Point response to TCP reassembly vulnerability (CVE-2014-3000; FreeBSD-SA-14:08.tcp)
2014-05-06 21:00:00
f5
f5
SOL15274 - TCP reassembly vulnerability CVE-2014-3000
2014-05-20 00:00:00
K15274 : TCP reassembly vulnerability CVE-2014-3000
2014-05-20 00:00:00
cvelist
cvelist
CVE-2014-3000
2014-05-02 14:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:08.tcp
2014-04-30 00:00:00
osv
osv
kfreebsd-9 - security update
2014-06-05 00:00:00
debian
debian
[SECURITY] [DSA 2952-1] kfreebsd-9 security update
2014-06-06 01:10:58
openvas
openvas
Debian Security Advisory DSA 2952-1 (kfreebsd-9 - security update)
2014-06-05 00:00:00
Debian: Security Advisory (DSA-2952-1)
2014-06-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Packet Sanity (CVE-1999-0193; CVE-1999-0675; CVE-2000-0221; CVE-2002-1071; CVE-2003-1029; CVE-2004-0247; CVE-2004-1109; CVE-2007-1804; CVE-2007-3026; CVE-2008-7127; CVE-2010-1185; CVE-2011-0975; CVE-2012-6638; CVE-2014-3000)
2019-06-23 00:00:00

0.106 Low

EPSS

Percentile

95.0%

JSON
Related for 6D472244-6007-11E6-A6C3-14DAE9D210B8
securityvulns2prion1cve1nessus3debiancve1checkpoint_security1f52cvelist1freebsd_advisory1osv1debian1openvas2checkpoint_advisories1