CVE-2001-0969
First published: Fri Aug 31 2001(Updated: )
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD Kernel | =4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0969?
CVE-2001-0969 has a moderate severity rating due to its potential to allow unauthorized access to systems.
What software is affected by CVE-2001-0969?
CVE-2001-0969 specifically affects FreeBSD version 4.3.
How do I fix CVE-2001-0969?
To fix CVE-2001-0969, update FreeBSD to a version that addresses this vulnerability.
What is the nature of the vulnerability in CVE-2001-0969?
CVE-2001-0969 occurs when ipfw fails to properly handle rules using "me" on point-to-point interfaces, allowing unintended connections.
Can CVE-2001-0969 be exploited remotely?
Yes, CVE-2001-0969 can be exploited by remote attackers due to the improper handling of ipfw rules.
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/freebsd
- canonical/freebsd kernel
- version/freebsd kernel/4.3