CVE-2014-3955
FreeBSD Security Advisory - routed(8) Remote Denial of Service
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network.
routed en FreeBSD 8.4 hasta 10.1-RC2 permite a atacantes remotos causar una denegación de servicio (fallo de aserción y salida de demonio) a través de una solicitud RIP de una fuente que no está en una red conectada directamente.
The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Upon receipt of a query from a source which is not on a directly connected network, routed(8) will trigger an assertion and terminate. The affected system's routing table will no longer be updated. If the affected system is a router, its routes will eventually expire from other routers' routing tables, and its networks will no longer be reachable unless they are also connected to another router.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-06-03 CVE Reserved
- 2014-10-22 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/61865 | Third Party Advisory | |
| http://www.securitytracker.com/id/1031099 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc | 2019-03-18 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 8.4 Search vendor "Freebsd" for product "Freebsd" and version "8.4" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.0 Search vendor "Freebsd" for product "Freebsd" and version "9.0" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.0 Search vendor "Freebsd" for product "Freebsd" and version "9.0" | beta1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.0 Search vendor "Freebsd" for product "Freebsd" and version "9.0" | beta2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.0 Search vendor "Freebsd" for product "Freebsd" and version "9.0" | beta3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.1 Search vendor "Freebsd" for product "Freebsd" and version "9.1" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.1 Search vendor "Freebsd" for product "Freebsd" and version "9.1" | p4 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.1 Search vendor "Freebsd" for product "Freebsd" and version "9.1" | p5 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.2 Search vendor "Freebsd" for product "Freebsd" and version "9.2" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.2 Search vendor "Freebsd" for product "Freebsd" and version "9.2" | prerelease |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.2 Search vendor "Freebsd" for product "Freebsd" and version "9.2" | rc1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.2 Search vendor "Freebsd" for product "Freebsd" and version "9.2" | rc2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.3 Search vendor "Freebsd" for product "Freebsd" and version "9.3" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.3 Search vendor "Freebsd" for product "Freebsd" and version "9.3" | rc1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 9.3 Search vendor "Freebsd" for product "Freebsd" and version "9.3" | rc2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.0 Search vendor "Freebsd" for product "Freebsd" and version "10.0" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.0 Search vendor "Freebsd" for product "Freebsd" and version "10.0" | rc1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.0 Search vendor "Freebsd" for product "Freebsd" and version "10.0" | rc2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.1 Search vendor "Freebsd" for product "Freebsd" and version "10.1" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.1 Search vendor "Freebsd" for product "Freebsd" and version "10.1" | rc1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.1 Search vendor "Freebsd" for product "Freebsd" and version "10.1" | rc2 |
Affected
| ||||||