CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

CVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connections

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

PT-2025-51619

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the netfilter module related to Network Address Translation NAT and connection tracking conntrack. Specifically, the problem arises when handlin...

firewall-bypass NSE Script

Detects a vulnerability in netfilter and other firewalls that use helpers to dynamically open ports for protocols such as ftp and sip. The script works by spoofing a packet from the target server asking for opening a related connection to a target port which will be fulfilled by the firewall...