Vulnerabilities > CVE-2002-0518 - Unspecified vulnerability in Freebsd 4.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:20.syncache.asc
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:20.syncache.asc
- http://www.iss.net/security_center/static/8873.php
- http://www.iss.net/security_center/static/8873.php
- http://www.iss.net/security_center/static/8875.php
- http://www.iss.net/security_center/static/8875.php
- http://www.osvdb.org/6046
- http://www.osvdb.org/6046
- http://www.securityfocus.com/bid/4524
- http://www.securityfocus.com/bid/4524