CVE-1999-0305

Published: Feb 1, 1998Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections.

Affected (6)

Products: Bsdi: Bsd Os · Freebsd: Freebsd · Openbsd: Openbsd

1 product

1 product

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Bsdi Bsd Os	All versions
Freebsd Freebsd	Version 2.2.5
Freebsd Freebsd	Version 2.2
Openbsd Openbsd	Version 2.0
Openbsd Openbsd	Version 2.1
Openbsd Openbsd	Version 2.2

References (6)

http://www.openbsd.org/advisories/sourceroute.txt

Source: cve@mitre.org

http://www.osvdb.org/11502

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/736

Source: cve@mitre.org

http://www.openbsd.org/advisories/sourceroute.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/11502

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/736

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.