QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0381

Published: Apr 2, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20020317 TCP Connections to a Broadcast Address on BSD-Based Systems

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

http://cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diff?r1=1.136&r2=1.137

x_refsource_CONFIRM

bsd-broadcast-address(8485)

vdb-entry

x_refsource_XF

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diff?r1=1.109&r2=1.110

x_refsource_CONFIRM

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35022

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.