Lucene search
FreeBSD Security Advisory (FreeBSD-SA-05:13.ipfw.asc)
🗓️ 04 Sep 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 10 Views
The ipfw tables lookup code caching vulnerability in FreeBSD-SA-05:13.ipfw.as
Show more
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | FreeBSD Security Advisory FreeBSD-SA-05:13.ipfw | 30 Jun 200500:00 | – | securityvulns |
 | kernel -- ipfw packet matching errors with address tables | 29 Jun 200500:00 | – | freebsd |
 | CVE-2005-2019 | 5 Jul 200504:00 | – | nvd |
| FreeBSD Security Advisory (FreeBSD-SA-05:13.ipfw.asc) | 4 Sep 200800:00 | – | openvas |
 | CVE-2005-2019 | 30 Jun 200504:00 | – | cvelist |
 | CVE-2005-2019 | 5 Jul 200504:00 | – | cve |
 | FreeBSD-SA-05:13.ipfw | 29 Jun 200500:00 | – | freebsd_advisory |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53974");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2005-2019");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_name("FreeBSD Security Advisory (FreeBSD-SA-05:13.ipfw.asc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");
script_tag(name:"insight", value:"ipfw(8) is a system facility which allows IP packet filtering,
redirecting, and traffic accounting. ipfw lookup tables are a way to
specify many IP addresses which can be used for packet matching in an
efficient manner.
The ipfw tables lookup code caches the result of the last query. The
kernel may process multiple packets concurrently, performing several
concurrent table lookups. Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.");
script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-05:13.ipfw.asc");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-05:13.ipfw.asc");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-bsd.inc");
vuln = FALSE;
if(patchlevelcmp(rel:"5.4", patchlevel:"3")<0) {
vuln = TRUE;
}
if(vuln) {
security_message(port:0);
} else if (__pkg_match) {
exit(99);
}Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo04 Sep 2008 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS25
EPSS0.00219