Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1978

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1978
Last Modified 03 Apr 2009 12:00:00
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1978

Summary

IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

Vulnerable Systems

Application

  • Darren Reed Ipfilter 3.1.1

  • Darren Reed Ipfilter 3.1.10

  • Darren Reed Ipfilter 3.1.2

  • Darren Reed Ipfilter 3.1.3

  • Darren Reed Ipfilter 3.1.4

  • Darren Reed Ipfilter 3.1.5

  • Darren Reed Ipfilter 3.1.6

  • Darren Reed Ipfilter 3.1.7

  • Darren Reed Ipfilter 3.1.8

  • Darren Reed Ipfilter 3.1.9

  • Darren Reed Ipfilter 3.2.1

  • Darren Reed Ipfilter 3.2.10

  • Darren Reed Ipfilter 3.2.11

  • Darren Reed Ipfilter 3.2.12

  • Darren Reed Ipfilter 3.2.13

  • Darren Reed Ipfilter 3.2.14

  • Darren Reed Ipfilter 3.2.15

  • Darren Reed Ipfilter 3.2.16

  • Darren Reed Ipfilter 3.2.17

  • Darren Reed Ipfilter 3.2.18

  • Darren Reed Ipfilter 3.2.19

  • Darren Reed Ipfilter 3.2.2

  • Darren Reed Ipfilter 3.2.20

  • Darren Reed Ipfilter 3.2.21

  • Darren Reed Ipfilter 3.2.22

  • Darren Reed Ipfilter 3.2.3

  • Darren Reed Ipfilter 3.2.4

  • Darren Reed Ipfilter 3.2.5

  • Darren Reed Ipfilter 3.2.6

  • Darren Reed Ipfilter 3.2.7

  • Darren Reed Ipfilter 3.2.8

  • Darren Reed Ipfilter 3.2.9

  • Darren Reed Ipfilter 3.3.1

  • Darren Reed Ipfilter 3.3.10

  • Darren Reed Ipfilter 3.3.11

  • Darren Reed Ipfilter 3.3.12

  • Darren Reed Ipfilter 3.3.13

  • Darren Reed Ipfilter 3.3.14

  • Darren Reed Ipfilter 3.3.15

  • Darren Reed Ipfilter 3.3.16

  • Darren Reed Ipfilter 3.3.17

  • Darren Reed Ipfilter 3.3.18

  • Darren Reed Ipfilter 3.3.19

  • Darren Reed Ipfilter 3.3.2

  • Darren Reed Ipfilter 3.3.20

  • Darren Reed Ipfilter 3.3.21

  • Darren Reed Ipfilter 3.3.22

  • Darren Reed Ipfilter 3.3.3

  • Darren Reed Ipfilter 3.3.4

  • Darren Reed Ipfilter 3.3.5

  • Darren Reed Ipfilter 3.3.6

  • Darren Reed Ipfilter 3.3.7

  • Darren Reed Ipfilter 3.3.8

  • Darren Reed Ipfilter 3.3.9

  • Darren Reed Ipfilter 3.4.1

  • Darren Reed Ipfilter 3.4.10

  • Darren Reed Ipfilter 3.4.11

  • Darren Reed Ipfilter 3.4.12

  • Darren Reed Ipfilter 3.4.13

  • Darren Reed Ipfilter 3.4.14

  • Darren Reed Ipfilter 3.4.15

  • Darren Reed Ipfilter 3.4.16

  • Darren Reed Ipfilter 3.4.17

  • Darren Reed Ipfilter 3.4.18

  • Darren Reed Ipfilter 3.4.19

  • Darren Reed Ipfilter 3.4.2

  • Darren Reed Ipfilter 3.4.20

  • Darren Reed Ipfilter 3.4.21

  • Darren Reed Ipfilter 3.4.22

  • Darren Reed Ipfilter 3.4.23

  • Darren Reed Ipfilter 3.4.24

  • Darren Reed Ipfilter 3.4.25

  • Darren Reed Ipfilter 3.4.26

  • Darren Reed Ipfilter 3.4.27

  • Darren Reed Ipfilter 3.4.28

  • Darren Reed Ipfilter 3.4.3

  • Darren Reed Ipfilter 3.4.4

  • Darren Reed Ipfilter 3.4.5

  • Darren Reed Ipfilter 3.4.6

  • Darren Reed Ipfilter 3.4.7

  • Darren Reed Ipfilter 3.4.8

  • Darren Reed Ipfilter 3.4.9


References

CERT-VN - VU#328867

BID - 6010

XF - ip-filter-bypass-firewall(10409)

SECTRACK - 1005442

NETBSD - NetBSD-SA2002-024


Last Updated: 27 May 2016 10:37:34