Bug 195243

Summary: [Vulnerability info disclosed] CVE-2014-7250
Product: Base System Reporter: Kenji Rikitake <kenji>
Component: kernAssignee: Security Team <secteam>
Status: New ---    
Severity: Affects Many People CC: emaste, tablosazi.farahan
Priority: ---    
Version: 10.1-RELEASE   
Hardware: Any   
OS: Any   

Description Kenji Rikitake 2014-11-21 09:35:55 UTC 
Japan IPA has disclosed the following vulnerability report on DDoS possibilities regarding the BSD Net/2 TCP Timer implementation. The report says FreeBSD 5.4 is vulnerable and *BSD OSes have possibilities to be attacked. 

http://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000134.html

IPA says the assigned CVE number is CVE-2014-7250.

A release of necessary patches from the FreeBSD Security Team ASAP is appreciated.

(Note that this information does not specify the vulnerable versions of the FreeBSD OS, so I set the version to 10.1-RELEASE just as a placeholder.)
Comment 1 vali gholami 2017-12-17 07:12:51 UTC 
MARKED AS SPAM