CVE-1999-0305

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Feb 1, 1998
Updated: May 3, 2018

Summary

CVE-1999-0305 is a vulnerability affecting the system configuration control (sysctl) facility in older versions of OpenBSD (2.2 and earlier) and FreeBSD (2.2.5 and earlier). Unlike what is expected, these operating systems do not effectively restrict source routed packets when the dosourceroute or forwarding variables are set. This oversight allows remote attackers to manipulate TCP connections by spoofing packets, posing a significant security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • OpenBSD
  • FreeBSD

Affected Vendors

  • OpenBSD Project
  • FreeBSD Project