Vulnerabilities > CVE-2002-0515 - Information Exposure Through Discrepancy vulnerability in Phildev Ipfilter 3.4.25

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phildev

CWE-203

NVD

Published: 2002-08-12

Updated: 2024-02-14

Summary

IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.

Vulnerable Configurations

Part	Description	Count
Application	Phildev Phildev Ipfilter - Phildev Ipfilter 3.4.25	2

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

http://www.iss.net/security_center/static/8738.php
http://www.securityfocus.com/bid/4403
http://www.securityfocus.com/archive/1/265188