Vulnerability Details CVE-2000-0314
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v2 Score 5.0
References
- ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc
- http://marc.info/?l=bugtraq&m=91893782027835&w=2
- http://www.osvdb.org/7574
- ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc
- http://marc.info/?l=bugtraq&m=91893782027835&w=2
- http://www.osvdb.org/7574
Products affected by CVE-2000-0314
-
cpe:2.3:o:debian:debian_linux:2.0.34
-
cpe:2.3:o:digital:unix:4.0
-
cpe:2.3:o:netbsd:netbsd:-
-
cpe:2.3:o:netbsd:netbsd:1.0
-
cpe:2.3:o:netbsd:netbsd:1.1
-
cpe:2.3:o:netbsd:netbsd:1.2
-
cpe:2.3:o:netbsd:netbsd:1.2.1
-
cpe:2.3:o:netbsd:netbsd:1.3
-
cpe:2.3:o:netbsd:netbsd:1.3.1
-
cpe:2.3:o:netbsd:netbsd:1.3.2
-
cpe:2.3:o:netbsd:netbsd:1.3.3
-
cpe:2.3:o:redhat:linux:2.0.34
-
cpe:2.3:o:slackware:slackware_linux:2.0.34