Vulnerability Details : CVE-2001-0969
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.
Exploit prediction scoring system (EPSS) score for CVE-2001-0969
Probability of exploitation activity in the next 30 days: 0.40%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 71 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2001-0969
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2001-0969
-
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:53.ipfw.asc
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/3206
Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/7002
Products affected by CVE-2001-0969
- cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*