5

CVE-1999-0305

EPSS 0.73%
Published 01.02.1998 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Bsdi ≫ Bsd Os

Freebsd ≫ Freebsd Version2.2

Freebsd ≫ Freebsd Version2.2.5

Openbsd ≫ Openbsd Version2.0

Openbsd ≫ Openbsd Version2.1

Openbsd ≫ Openbsd Version2.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.73%	0.703

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.openbsd.org/advisories/sourceroute.txt

http://www.osvdb.org/11502

https://exchange.xforce.ibmcloud.com/vulnerabilities/736

https://nvd.nist.gov/vuln/detail/CVE-1999-0305

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-1999-0305

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-1999-0305

EUVD