Vulnerabilities > CVE-2004-1799 - Unspecified vulnerability in Openbsd

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

openbsd

NVD

Published: 2004-12-31

Updated: 2016-10-18

Summary

PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd 3.0 Openbsd Openbsd 3.1 Openbsd Openbsd 3.2 Openbsd Openbsd 3.3 Openbsd Openbsd 3.4	5

References

http://marc.info/?l=full-disclosure&m=107331321302113&w=2
http://www.osvdb.org/19105
http://www.securityfocus.com/bid/9362