Vulnerabilities > CVE-2014-7250 - Resource Management Errors vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
bsd
freebsd
netbsd
openbsd
CWE-399

Summary

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

Vulnerable Configurations

Part Description Count
OS
Bsd
1
OS
Freebsd
1
OS
Netbsd
1
OS
Openbsd
1

Common Weakness Enumeration (CWE)