CVE-1999-0001

CWE-20Improper Input Validation4 documents4 sources
Severity
5.0MEDIUM
EPSS
1.0%
top 22.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Bsdi BSD OSFreebsd FreebsdOpenbsd Openbsd
Timeline
PublishedDec 30
Latest updateApr 30

Description

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDbsdi/bsd_os3.1
NVDopenbsd/openbsd2.3, 2.4+1

Also affects: Freebsd 1.0, 1.1, 1.1.5.1, 1.2, 2.0, 2.0.1, 2.0.5, 2.1.5, 2.1.6, 2.1.6.1, 2.1.7, 2.1.7.1, 2.2, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 3.0

🔴Vulnerability Details

2
GHSA
GHSA-q295-vmhf-gfx2: ip_input2022-04-30
CVEList
CVE-1999-0001: ip_input2000-02-04

💥Exploits & PoCs

1
Exploit-DB
Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit)2008-04-04
CVE-1999-0001 (MEDIUM CVSS 5) | ip_input.c in BSD-derived TCP/IP im | cvebase.io