vulnerability
FreeBSD: VID-729c4a9f-6007-11e6-a6c3-14dae9d210b8 (CVE-2004-0230): FreeBSD -- Denial of Service in TCP packet processing
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Aug 11, 2016 | Dec 10, 2025 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Aug 11, 2016
Added
Dec 10, 2025
Modified
Dec 10, 2025
Description
Problem Description: When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window. Impact: An attacker who has the ability to spoof IP traffic can tear down a TCP connection by sending only 2 packets, if they know both TCP port numbers. In case one of the two port numbers is unknown, a successful attack requires less than 2**17 packets spoofed, which can be generated within less than a second on a decent connection to the Internet.
Solutions
freebsd-upgrade-base-10_0-release-p9freebsd-upgrade-base-9_3-release-p2freebsd-upgrade-base-9_2-release-p12freebsd-upgrade-base-9_1-release-p19freebsd-upgrade-base-8_4-release-p16
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.