FreeBSD <= 4.2 - Unauthenticated Access Restriction Bypass via TCP ECE Flag
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.