Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0986Linux vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
2.4%
top 15.06%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Debian LinuxLinux KernelRedhat Linux
Timeline
PublishedDec 8
Latest updateApr 30

Description

The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDredhat/linux5.2
NVDlinux/linux_kernel6 versions+5

Also affects: Debian Linux 2.1

🔴Vulnerability Details

2
GHSA
GHSA-9mjp-wq93-cgg3: The ping command in Linux 22022-04-30
CVEList
CVE-1999-0986: The ping command in Linux 22000-01-04

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options1999-12-08
CVE-1999-0986 — Debian Linux vulnerability | cvebase