Vulnerabilities > CVE-2001-0969 - Unspecified vulnerability in Freebsd 4.3

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

freebsd

critical

NVD

Published: 2001-08-31

Updated: 2017-10-10

Summary

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 4.3	1

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:53.ipfw.asc
http://www.osvdb.org/1937
http://www.securityfocus.com/bid/3206
https://exchange.xforce.ibmcloud.com/vulnerabilities/7002