CVE-2008-1058 : The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows att

The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.

Published 2008-02-28 19:44:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2008-1058

Openbsd » Openbsd » Version: 4.2
cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*
Matching versions
Openbsd » Openbsd » Version: 4.1
cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2008-1058

EPSS FAQ

0.32%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 54 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-1058

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

References for CVE-2008-1058

http://www.securityfocus.com/bid/27949

Patch
http://www.vupen.com/english/advisories/2008/0660

CVEs referencing this url
http://www.openbsd.org/errata42.html#007_tcprespond

Patch
http://www.securitytracker.com/id?1019495
http://secunia.com/advisories/29078

Patch;Vendor Advisory

CVEs referencing this url
http://www.openbsd.org/errata41.html#013_tcprespond

Patch

Jump to

Vulnerability Details : CVE-2008-1058

Products affected by CVE-2008-1058

Exploit prediction scoring system (EPSS) score for CVE-2008-1058

CVSS scores for CVE-2008-1058

References for CVE-2008-1058