Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0405

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0405
Last Modified 05 Sep 2008 04:24:01
Published 02 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0405

Summary

ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.3


References

BID - 2602

BUGTRAQ - 20010416 Tempest Security Techonologies -- Adivsory #01/2001 -- Linux IPTables

REDHAT - RHSA-2001:052

XF - linux-netfilter-iptables(6390)

REDHAT - RHSA-2001:084

MANDRAKE - MDKSA-2001:071


Last Updated: 27 May 2016 10:36:15