Denial of Service Vulnerability in SYN Cache and SYN Cookie Mechanism in FreeBSD 4.5 and Earlier

Denial of Service Vulnerability in SYN Cache and SYN Cookie Mechanism in FreeBSD 4.5 and Earlier

CVE-2002-0518 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart.

Learn more about our Web Application Penetration Testing UK.