CVE-2000-0314

3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.3%

top 45.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netbsd Netbsd Debian Debian Linux Digital Unix +2 more

Timeline

PublishedMar 12

Latest updateMay 3

Description

traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDnetbsd/netbsd1.3.3

▶NVDredhat/linux2.0.34

▶NVDslackware/slackware_linux2.0.34

▶NVDdigital/unix4.0

Also affects: Debian Linux 2.0.34

Patches

Patch: ftp.netbsd.org ↗Patch: ftp.netbsd.org ↗

🔴Vulnerability Details

GHSA

GHSA-c4h3-4hjj-m5cr: traceroute in NetBSD 1↗2022-05-03

▶

CVEList

CVE-2000-0314: traceroute in NetBSD 1↗2001-05-07

▶