CVE-2014-7250

NONE EPSS 90.8%
Published Dec 12, 201411y ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 12, 2014 11y ago
Last Modified Jun 17, 2026 2w ago

Description

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.

Threat Intelligence

EPSS Exploit Probability
90.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-399

Affected Products 4

VendorProductVersionRange
bsdbsd4.3any
freebsdfreebsd5.4any
netbsdnetbsd2.0any
openbsdopenbsd3.6any

References 3

  • jvn.jp http://jvn.jp/en/jp/JVN07930208/index.html
    Vendor Advisory
  • jvndb.jvn.jp http://jvndb.jvn.jp/jvndb/JVNDB-2014-000134
    Vendor Advisory
  • bugs.freebsd.org https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195243

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.