CVE-2000-0440

Freebsd - Denial of Service

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0440. PoCs published by y3t1.

AI-analyzed exploit summary This exploit targets a vulnerability in NetBSD 1.4.x and FreeBSD 4.x kernels by sending malformed IP packets with unaligned IP timestamp options, causing a kernel panic on Alpha and SPARC architectures. The code crafts ICMP echo packets with specific IP options to trigger the DoS condition.

Description

NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.

Exploits (1)

exploitdb WORKING POC VERIFIED

by y3t1 · cdosbsd

https://www.exploit-db.com/exploits/19896

View Code ZIP pw:eip

This exploit targets a vulnerability in NetBSD 1.4.x and FreeBSD 4.x kernels by sending malformed IP packets with unaligned IP timestamp options, causing a kernel panic on Alpha and SPARC architectures. The code crafts ICMP echo packets with specific IP options to trigger the DoS condition.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: NetBSD 1.4.x, FreeBSD 4.x

No auth needed

Prerequisites: Network access to target · Raw socket permissions

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1173

Vendor Advisory vendor-advisory x_refsource_netbsd

ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html

Scores

EPSS 0.0324

EPSS Percentile 86.7%

Details

Status published

Products (5)

freebsd/freebsd 3.4

freebsd/freebsd 4.0

freebsd/freebsd 5.0

netbsd/netbsd 1.4.1

netbsd/netbsd 1.4.2

Published May 01, 2000

Tracked Since Feb 18, 2026