Lucene search
HistorySep 18, 2001 - 4:00 a.m.
CVE-2001-0405
linux 2.4
ip_conntrack_ftp
cve-2001-0405
firewall vulnerability
ftp server
access bypass
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.019
Percentile
88.5%
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
Affected configurations
Node
linuxlinux_kernelMatch2.4.0
ORlinuxlinux_kernelMatch2.4.0test1
ORlinuxlinux_kernelMatch2.4.1
ORlinuxlinux_kernelMatch2.4.2
ORlinuxlinux_kernelMatch2.4.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | 2.4.1 | cpe:/o:linux:linux_kernel:2.4.1::: |
| linux | linux_kernel | 2.4.0 | cpe:/o:linux:linux_kernel:2.4.0::: |
| linux | linux_kernel | 2.4.2 | cpe:/o:linux:linux_kernel:2.4.2::: |
| linux | linux_kernel | 2.4.0 | cpe:/o:linux:linux_kernel:2.4.0:test1:: |
| linux | linux_kernel | 2.4.3 | cpe:/o:linux:linux_kernel:2.4.3::: |
References
Related
nessus
nessus
Mandrake Linux Security Advisory : kernel (MDKSA-2001:071)
2004-07-31 00:00:00
cvelist
cvelist
CVE-2001-0405
2001-09-18 04:00:00
nvd
nvd
CVE-2001-0405
2001-07-02 04:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.019
Percentile
88.5%
Related for CVE-2001-0405