Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2254

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2002-2254
Last Modified 05 Sep 2008 04:32:44
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-2254

Summary

The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 and 2.5 up to 2.5.31, when a privileged process exits and network traffic is not being queued, may allow a later process with the same Process ID (PID) to access certain network traffic that would otherwise be restricted.

Vulnerable Systems

Operating System

  • Linux Kernel 2.4.0

  • Linux Kernel 2.4.1

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.11

  • Linux Kernel 2.4.12

  • Linux Kernel 2.4.13

  • Linux Kernel 2.4.14

  • Linux Kernel 2.4.15

  • Linux Kernel 2.4.16

  • Linux Kernel 2.4.17

  • Linux Kernel 2.4.18

  • Linux Kernel 2.4.19

  • Linux Kernel 2.5.0

  • Linux Kernel 2.5.1

  • Linux Kernel 2.5.10

  • Linux Kernel 2.5.11

  • Linux Kernel 2.5.12

  • Linux Kernel 2.5.13

  • Linux Kernel 2.5.14

  • Linux Kernel 2.5.15

  • Linux Kernel 2.5.16

  • Linux Kernel 2.5.17

  • Linux Kernel 2.5.18

  • Linux Kernel 2.5.19

  • Linux Kernel 2.5.2

  • Linux Kernel 2.5.20

  • Linux Kernel 2.5.21

  • Linux Kernel 2.5.22

  • Linux Kernel 2.5.23

  • Linux Kernel 2.5.24

  • Linux Kernel 2.5.25

  • Linux Kernel 2.5.26

  • Linux Kernel 2.5.27

  • Linux Kernel 2.5.28

  • Linux Kernel 2.5.29

  • Linux Kernel 2.5.3

  • Linux Kernel 2.5.30

  • Linux Kernel 2.5.31


References

BID - 6305

XF - linux-netfilter-obtain-information(10756)

BUGTRAQ - 20021203 Local Netfilter / IPTables IP Queue PID Wrap Flaw


Last Updated: 27 May 2016 10:37:40