Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1056

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1056
Last Modified 05 Sep 2008 04:25:34
Published 30 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1056

Summary

IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request.

Vulnerable Systems

Operating System

  • Linux Kernel 2.0.18

  • Linux Kernel 2.2.18


References

BID - 3117

BUGTRAQ - 20010730 Re: [RAZOR] Linux kernel IP masquerading vulnerability (_actual_ patch)

BUGTRAQ - 20010730 [RAZOR] Linux kernel IP masquerading vulnerability

OSVDB - 1916

XF - linux-ipmasqirc-bypass-protection(6923)


Last Updated: 27 May 2016 10:36:30