CVE-2005-2068

FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session.

Published: Jul 5, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2068
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	5.2.1	5.2.1.x
freebsd / freebsd	5.4	5.4.x
freebsd / freebsd	5.3	5.3.x
freebsd / freebsd	4.11	4.11.x
freebsd / freebsd	4.5	4.5.x
freebsd / freebsd	4.7	4.7.x
freebsd / freebsd	4.1	4.1.x
freebsd / freebsd	4.4	4.4.x
freebsd / freebsd	5.1	5.1.x
freebsd / freebsd	5.2	5.2.x
freebsd / freebsd	4.8	4.8.x
freebsd / freebsd	4.2	4.2.x
freebsd / freebsd	4.0	4.0.x
freebsd / freebsd	4.1.1	4.1.1.x
freebsd / freebsd	4.6	4.6.x
freebsd / freebsd	4.3	4.3.x
freebsd / freebsd	4.10	4.10.x
freebsd / freebsd	5.0	5.0.x
freebsd / freebsd	4.9	4.9.x
freebsd / freebsd	4.6.2	4.6.2.x

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc

Vulnerability Database

290,301

CVE-2005-2068