VYPR

PF

by OpenBSD

CVEs (2)

  • CVE-2006-0381Jan 25, 2006
    risk 0.01cvss epss 0.06

    A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a…

  • CVE-2004-1799Dec 31, 2004
    risk 0.00cvss epss 0.01

    PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.