CVE-2002-0381 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2002-0381
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2002-0381

Description: The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.

CVE Status: Entry

References: XF http://www.iss.net/security_center/static/8485.php SGI OSVDB 5308 MISC http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022 CONFIRM http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110 BUGTRAQ http://online.securityfocus.com/archive/1/262733 BID 4309

Return to the previous page.