Linux Distros Unpatched Vulnerability : CVE-2012-2663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewa...

SUSE: Security Advisory (SUSE-SU-2012:1391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-2663

extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant...

Code injection

The tcprcvstateprocess function in net/ipv4/tcpinput.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service kernel resource consumption via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663...

Linux kernel 2.6.x iptables '--syn'规则安全绕过漏洞

Bugtraq ID: 53733 CVE ID：CVE-2012-2663 Linux是一款开源的操作系统。 Linux Kernel iptables在某些情况下不正确处理SYN+FIN，攻击者可以发送SYN/FIN绕过所有包含--syn的访问规则，未授权创建连接。 0 Linux kernel 2.6.x 厂商解决方案 Linux ----- 用户可参考如下供应商提供的安全公告获得补丁信息：...