NuFW 2.2.3, and certain other versions after 2.0, allows remote attackers to bypass time-based packet filtering rules via certain “out of period” choices of packet transmission time.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 9 | all | nufw | < 2.4.3-3.4 | nufw_2.4.3-3.4_all.deb |