Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0060

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0060
Last Modified 05 Sep 2008 04:27:04
Published 08 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0060

Summary

IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.18


References

CERT-VN - VU#230307

CONFIRM - http://www.netfilter.org/security/2002-02-25-irc-dcc-mask.html

BUGTRAQ - 20020227 security advisory linux 2.4.x ip_conntrack_irc

XF - linux-dcc-port-access(8302)

HP - HPSBUX0203-027

BID - 4188

REDHAT - RHSA-2002:028

VULN-DEV - 20020227 Fwd: [ANNOUNCE] Security Advisory about IRC DCC connection tracking

MANDRAKE - MDKSA-2002:041


Last Updated: 27 May 2016 10:36:46