5
CVE-2014-7250
- EPSS 4.75%
- Veröffentlicht 12.12.2014 03:03:47
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.75% | 0.907 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://jvn.jp/en/jp/JVN07930208/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243