Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2317

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2317
Last Modified 05 Sep 2008 04:51:27
Published 19 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2317

Summary

Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.

Vulnerable Systems

Application

  • Shorewall 2.0.0

  • Shorewall 2.0.0a

  • Shorewall 2.0.0b

  • Shorewall 2.0.1

  • Shorewall 2.0.10

  • Shorewall 2.0.11

  • Shorewall 2.0.12

  • Shorewall 2.0.13

  • Shorewall 2.0.14

  • Shorewall 2.0.15

  • Shorewall 2.0.16

  • Shorewall 2.0.2

  • Shorewall 2.0.2a

  • Shorewall 2.0.2b

  • Shorewall 2.0.2c

  • Shorewall 2.0.2d

  • Shorewall 2.0.2e

  • Shorewall 2.0.2f

  • Shorewall 2.0.3

  • Shorewall 2.0.3a

  • Shorewall 2.0.3b

  • Shorewall 2.0.3c

  • Shorewall 2.0.4

  • Shorewall 2.0.5

  • Shorewall 2.0.6

  • Shorewall 2.0.7

  • Shorewall 2.0.8

  • Shorewall 2.0.9

  • Shorewall 2.2.0

  • Shorewall 2.2.1

  • Shorewall 2.2.2

  • Shorewall 2.2.3

  • Shorewall 2.2.4

  • Shorewall 2.4.0

  • Shorewall 2.4.0 Rc1

  • Shorewall 2.4.0 Rc2


References

CONFIRM - http://shorewall.net/News.htm#20050717

SECUNIA - 16087

FULLDISC - 20050718 Shorewall MACLIST Problem

UBUNTU - USN-197-1

BID - 14292

GENTOO - GLSA-200507-20

DEBIAN - DSA-849

SECUNIA - 17113

SECUNIA - 17110


Last Updated: 27 May 2016 10:40:28