3.4.3

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

darren-reed

NVD

Published: 2000-05-26

Updated: 2017-10-10

Summary

Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.

Vulnerable Configurations

Part	Description	Count
Application	Darren_Reed Darren Reed Ipfilter 3.3.15 Darren Reed Ipfilter 3.4.3	2

References

http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html
http://www.osvdb.org/1377
http://www.securityfocus.com/bid/1308
https://exchange.xforce.ibmcloud.com/vulnerabilities/4994