CVE-1999-0305

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Feb 1, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-0305 is a vulnerability affecting the system configuration control (sysctl) facility in older versions of OpenBSD (2.2 and earlier) and FreeBSD (2.2.5 and earlier). The issue lies in the fact that these operating systems fail to restrict source-routed packets, even when the dosourceroute or forwarding variables are set. This flaw permits remote attackers to spoof TCP connections, posing a significant security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OpenBSD
FreeBSD

Affected Vendors

OpenBSD Project
FreeBSD Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NEUHZ4
https://www.cve.org/CVERecord?id=CVE-1999-0305
https://nvd.nist.gov/vuln/detail/CVE-1999-0305

Back to Vulnerability Database