CVE Vulnerabilities

CVE-2004-1799

Published: Dec 31, 2004 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.

Affected Software

Name Vendor Start Version End Version
Openbsd Openbsd 3.0 (including) 3.0 (including)
Openbsd Openbsd 3.1 (including) 3.1 (including)
Openbsd Openbsd 3.2 (including) 3.2 (including)
Openbsd Openbsd 3.3 (including) 3.3 (including)
Openbsd Openbsd 3.4 (including) 3.4 (including)

References