Source Routing Vulnerability in OpenBSD and FreeBSD Systems
CVE-1999-0305

Currently unrated

Key Information:

Vendor: FreeBSD
Status: FreeBSD; OpenBSD; Bsd Os
Vendor: CVE Published:; 1 February 1998

What is CVE-1999-0305?

The sysctl configuration facility in BSD-derived operating systems, specifically OpenBSD 2.2 and earlier as well as FreeBSD 2.2.5 and earlier, is susceptible to a security flaw that fails to adequately restrict source-routed packets. Despite the dosourceroute and forwarding variables being set, this oversight enables remote attackers to successfully spoof TCP connections, potentially compromising the integrity and confidentiality of network communications.

References

http://www.openbsd.org/advisories/sourceroute.txt

x_refsource_MISC

http://www.osvdb.org/11502

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/736

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Feb 1, 1998