CVE-1999-0305
CVSS 2.0 Score 5 of 10 (medium)
Details
Published Feb 1, 1998
Updated: May 3, 2018
Summary
CVE-1999-0305 is a vulnerability affecting the system configuration control (sysctl) facility in older versions of OpenBSD (2.2 and earlier) and FreeBSD (2.2.5 and earlier). Unlike what is expected, these operating systems do not effectively restrict source routed packets when the dosourceroute or forwarding variables are set. This oversight allows remote attackers to manipulate TCP connections by spoofing packets, posing a significant security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- OpenBSD
- FreeBSD
Affected Vendors
- OpenBSD Project
- FreeBSD Project