Vulnerability Details CVE-2000-1167
ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.0%
CVSS Severity
CVSS v2 Score 7.5
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:70.ppp-nat.asc
- http://www.osvdb.org/1655
- http://www.securityfocus.com/bid/1974
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5584
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:70.ppp-nat.asc
- http://www.osvdb.org/1655
- http://www.securityfocus.com/bid/1974
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5584
Products affected by CVE-2000-1167
-
cpe:2.3:o:freebsd:freebsd:3.5
-
cpe:2.3:o:freebsd:freebsd:3.5.1
-
cpe:2.3:o:freebsd:freebsd:4.0
-
cpe:2.3:o:freebsd:freebsd:4.1
-
cpe:2.3:o:freebsd:freebsd:4.1.1