CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
86.0%
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:pre9:*:*:*:*:*:* |
frontal2.mandriva.com/security/advisories?name=MDKSA-2002:041
marc.info/?l=bugtraq&m=101483396412051&w=2
marc.info/?l=vuln-dev&m=101486352429653&w=2
www.kb.cert.org/vuls/id/230307
www.netfilter.org/security/2002-02-25-irc-dcc-mask.html
www.redhat.com/support/errata/RHSA-2002-028.html
www.securityfocus.com/bid/4188
www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0203-027
exchange.xforce.ibmcloud.com/vulnerabilities/8302
More