ID CVE-2005-0960
Summary Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash).
References
Vulnerable Configurations
  • cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
  • cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*
    cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-09-2008 - 20:47)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 12951
openbsd
  • 20050330 [3.5] 030: RELIABILITY FIX: March 30, 2005
  • 20050330 [3.6] 013: RELIABILITY FIX: March 30, 2005
sectrack 1013611
Last major update 05-09-2008 - 20:47
Published 02-05-2005 - 04:00
Last modified 05-09-2008 - 20:47
Back to Top