CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-7250

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://jvn.jp/en/jp/JVN07930208/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243
http://jvn.jp/en/jp/JVN07930208/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243

Products affected by CVE-2014-7250

Bsd » Bsd » Version: 4.3

cpe:2.3:o:bsd:bsd:4.3
Freebsd » Freebsd » Version: 5.4

cpe:2.3:o:freebsd:freebsd:5.4
Netbsd » Netbsd » Version: 2.0

cpe:2.3:o:netbsd:netbsd:2.0
Openbsd » Openbsd » Version: 3.6

cpe:2.3:o:openbsd:openbsd:3.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-7250

Products

Pricing

Contact Us