Lucene search

MitreCVE-2002-0060

HistoryJun 25, 2002 - 4:00 a.m.

CVE-2002-0060

2002-06-2504:00:00

mitre

web.nvd.nist.gov

linux

netfilter

firewall bypass

cve-2002-0060

remote attackers

dcc connections.

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤2.4.18pre9

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:pre9:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::pre9::::::*

References

frontal2.mandriva.com/security/advisories?name=MDKSA-2002:041

marc.info/?l=bugtraq&m=101483396412051&w=2

marc.info/?l=vuln-dev&m=101486352429653&w=2

www.kb.cert.org/vuls/id/230307

www.netfilter.org/security/2002-02-25-irc-dcc-mask.html

www.redhat.com/support/errata/RHSA-2002-028.html

www.securityfocus.com/bid/4188

www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0203-027

exchange.xforce.ibmcloud.com/vulnerabilities/8302

Social References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

Related for CVE-2002-0060