What is the severity of CVE-2014-3955?

CVE-2014-3955 has a severity rating that indicates it can lead to denial of service due to an assertion failure in the routed daemon.

How do I fix CVE-2014-3955?

To remediate CVE-2014-3955, you should upgrade your FreeBSD system to a version where this vulnerability is patched, following the guidance provided in FreeBSD security advisories.

What versions of FreeBSD are affected by CVE-2014-3955?

CVE-2014-3955 affects FreeBSD versions from 8.4 to 10.1-RC2.

What is the impact of CVE-2014-3955?

The impact of CVE-2014-3955 is that remote attackers can exploit it to cause a denial of service, resulting in the routed daemon exiting.

Is CVE-2014-3955 exploitable from a remote location?

Yes, CVE-2014-3955 can be exploited by remote attackers sending RIP requests from sources not on a directly connected network.

Vulnerability/
CVE-2014-3955

medium

CWE

27/10/2014

6/8/2024

CVE-2014-3955: Input Validation

First published: Mon Oct 27 2014(Updated: )

routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
FreeBSD Kernel	=8.4
FreeBSD Kernel	=9.0
FreeBSD Kernel	=9.0-beta1
FreeBSD Kernel	=9.0-beta2
FreeBSD Kernel	=9.0-beta3
FreeBSD Kernel	=9.1
FreeBSD Kernel	=9.1-p4
FreeBSD Kernel	=9.1-p5
FreeBSD Kernel	=9.2
FreeBSD Kernel	=9.2-prerelease
FreeBSD Kernel	=9.2-rc1
FreeBSD Kernel	=9.2-rc2
FreeBSD Kernel	=9.3
FreeBSD Kernel	=9.3-rc1
FreeBSD Kernel	=9.3-rc2
FreeBSD Kernel	=10.0
FreeBSD Kernel	=10.0-rc1
FreeBSD Kernel	=10.0-rc2
FreeBSD Kernel	=10.1
FreeBSD Kernel	=10.1-rc1
FreeBSD Kernel	=10.1-rc2

Remedy

https://www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3955?
CVE-2014-3955 has a severity rating that indicates it can lead to denial of service due to an assertion failure in the routed daemon.
How do I fix CVE-2014-3955?
To remediate CVE-2014-3955, you should upgrade your FreeBSD system to a version where this vulnerability is patched, following the guidance provided in FreeBSD security advisories.
What versions of FreeBSD are affected by CVE-2014-3955?
CVE-2014-3955 affects FreeBSD versions from 8.4 to 10.1-RC2.
What is the impact of CVE-2014-3955?
The impact of CVE-2014-3955 is that remote attackers can exploit it to cause a denial of service, resulting in the routed daemon exiting.
Is CVE-2014-3955 exploitable from a remote location?
Yes, CVE-2014-3955 can be exploited by remote attackers sending RIP requests from sources not on a directly connected network.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/author
agent/weakness
agent/references
agent/severity
agent/last-modified-date
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/freebsd
canonical/freebsd kernel
version/freebsd kernel/8.4
version/freebsd kernel/9.0
version/freebsd kernel/9.0-beta1
version/freebsd kernel/9.0-beta2
version/freebsd kernel/9.0-beta3
version/freebsd kernel/9.1
version/freebsd kernel/9.1-p4
version/freebsd kernel/9.1-p5
version/freebsd kernel/9.2
version/freebsd kernel/9.2-prerelease
version/freebsd kernel/9.2-rc1
version/freebsd kernel/9.2-rc2
version/freebsd kernel/9.3
version/freebsd kernel/9.3-rc1
version/freebsd kernel/9.3-rc2
version/freebsd kernel/10.0
version/freebsd kernel/10.0-rc1
version/freebsd kernel/10.0-rc2
version/freebsd kernel/10.1
version/freebsd kernel/10.1-rc1
version/freebsd kernel/10.1-rc2