Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3000

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2014-3000
Last Modified 21 Jun 2014 12:41:20
Published 02 May 2014 10:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-3000

Summary

The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly read system memory via multiple crafted packets, related to moving a reassemble queue entry to the segment list when the queue is full.

Vulnerable Systems

Operating System

  • Freebsd 10.0

  • Freebsd 8.3

  • Freebsd 8.4

  • Freebsd 9.1

  • Freebsd 9.2


References

SECTRACK - 1030172

BID - 67153

FREEBSD - FreeBSD-SA-14:08

SECUNIA - 58293

DEBIAN - DSA-2952

SECUNIA - 59034


Last Updated: 27 May 2016 11:05:36