3 matches found
SUSE CVE-2011-1927
The ipexpire function in net/ipv4/ipfragment.c in the Linux kernel before 2.6.39 does not properly construct ICMPTIMEEXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service invalid pointer dereference via crafted fragmented packets...
firewalk NSE Script
Tries to discover firewall rules using an IP TTL expiration technique known as firewalking. To determine a rule on a given gateway, the scanner sends a probe to a metric located behind the gateway, with a TTL one higher than the gateway. If the probe is forwarded by the gateway, then we can expec...
CVE-2008-5849
CVE-2008-5849 affects Check Point VPN-1 with Port Address Translation (PAT) enabled (notably Check Point VPN-1 R55 and R65). The issue is information disclosure: an attacker can remotely send a crafted packet to the firewall management port (18264/tcp) and trigger an ICMP TIMXCEED_INTRANS respons...