The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and previous versions, and FreeBSD 2.2.5 and previous versions, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote malicious users to spoof TCP connections.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bsdi bsd os |
||
freebsd freebsd 2.2 |
||
freebsd freebsd 2.2.5 |
||
openbsd openbsd 2.2 |
||
openbsd openbsd 2.0 |
||
openbsd openbsd 2.1 |