CVE-1999-0116

Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136
ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:ibm:aix:3.2.5:::::::*
	cpe:2.3:o:ibm:aix:4.1:::::::*
	cpe:2.3:o:ibm:aix:4.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:h:ibm:sng:2.1:::::::*
	cpe:2.3:h:ibm:sng:2.2:::::::*

History

20 Nov 2024, 23:27

Type	Values Removed	Values Added
References	~~() ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX -~~	() ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX -
References	~~() http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136 -~~	() http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136 -

Information

Published : 1996-09-19 04:00

Updated : 2024-11-20 23:27

NVD link : CVE-1999-0116

Mitre link : CVE-1999-0116

CVE.ORG link : CVE-1999-0116

JSON object : View

Products Affected

ibm

sng
aix

CWE

NVD-CWE-Other

{"id": "CVE-1999-0116", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "1996-09-19T04:00:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX", "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136", "source": "cve@mitre.org"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood."}], "lastModified": "2024-11-20T23:27:53.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE"}, {"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079"}, {"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:sng:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FAC4577-5CC1-4099-8CBE-8AD5C1AF3807"}, {"criteria": "cpe:2.3:h:ibm:sng:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E223FC83-3079-4EB8-940F-5546DCD6F473"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}