Vulnerability Description
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 3.2 |
| Linux | Linux Kernel | <= 2.2.10 |
References
- http://marc.info/?l=bugtraq&m=93277426802802&w=2
- http://marc.info/?l=bugtraq&m=93277766505061&w=2
- http://www.iss.net/security_center/static/7257.php
- http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
- http://www.osvdb.org/6105
- http://marc.info/?l=bugtraq&m=93277426802802&w=2
- http://marc.info/?l=bugtraq&m=93277766505061&w=2
- http://www.iss.net/security_center/static/7257.php
- http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
- http://www.osvdb.org/6105
FAQ
What is CVE-1999-1339?
CVE-1999-1339 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic)...
How severe is CVE-1999-1339?
CVE-1999-1339 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1339?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd, Linux Linux Kernel.