Unrated severityNVD Advisory· Published Jun 25, 2002· Updated Jun 16, 2026

CVE-2002-0381

Description

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

FreeBSD/FreeBSD2 versions
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*range: <=4.5
- (no CPE)
NetBSD/NetBSD2 versions
cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*
- (no CPE)
OpenBSD/OpenBSD2 versions
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
- (no CPE)

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

www.freebsd.org/cgi/query-pr.cginvdPatchVendor Advisory
online.securityfocus.com/archive/1/262733nvdExploitPatchVendor Advisory
patches.sgi.com/support/free/security/advisories/20030604-01-Invd
cvsweb.netbsd.org/bsdweb.cgi/syssrc/sys/netinet/tcp_input.c.diffnvd
www.iss.net/security_center/static/8485.phpnvd
www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/tcp_input.c.diffnvd
www.osvdb.org/5308nvd
www.securityfocus.com/bid/4309nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000