Vulnerabilities > CVE-2001-1387 - Information Exposure Through Discrepancy vulnerability in Netfilter Iptables

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

netfilter

CWE-203

NVD

Published: 2001-11-05

Updated: 2024-02-14

Summary

iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak.

Vulnerable Configurations

Part	Description	Count
Application	Netfilter Netfilter Iptables 1.0.0 Netfilter Iptables 1.1.0 Netfilter Iptables 1.1.1 Netfilter Iptables 1.1.2 Netfilter Iptables 1.2.0 Netfilter Iptables 1.2.1 Netfilter Iptables 1.2.1A Netfilter Iptables 1.2.2 Netfilter Iptables 1.2.3	11

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

Redhat

advisories

rhsa

id	RHSA-2001:144

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Redhat

References