Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0279. PoCs published by Tim Newsham.
AI-analyzed exploit summary The exploit sends malformed IP packets with an invalid length field to crash the BeOS networking process. For TCP, the length is set to 39 (less than the required 40), and for UDP, it is set to 27 (less than the required 28).
Description
BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Tim Newsham · localbeos
https://www.exploit-db.com/exploits/19841
The exploit sends malformed IP packets with an invalid length field to crash the BeOS networking process. For TCP, the length is set to 39 (less than the required 40), and for UDP, it is set to 27 (less than the required 28).
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
BeOS networking process
No auth needed
Prerequisites:
Network access to the target BeOS system
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://bebugs.be.com/devbugs/detail.php3?oid=2505312
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-04/0029.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1100
Scores
EPSS
0.0728
EPSS Percentile
93.6%
Details
Status
published
Products (3)
be/beos
4.0
be/beos
4.5
be/beos
5.0
Published
Apr 07, 2000
Tracked Since
Feb 18, 2026