vulnerability

Pulse Secure Pulse Connect Secure: CVE-2019-5599: Multiple Linux Kernel and FreeBSD vulnerabilities (SA44193)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Jul 2, 2019

Added

Oct 28, 2020

Modified

Feb 15, 2024

Description

In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service.

Solutions

pulse-secure-pulse-connect-secure-upgrade-9_0r5pulse-secure-pulse-connect-secure-upgrade-9_1r3pulse-secure-pulse-connect-secure-upgrade-9_1r5

References

CERT-VN-905115
CVE-2019-5599
https://attackerkb.com/topics/CVE-2019-5599
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report