Vulnerability Description
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Darren Reed | Ipfilter | <= 3.4.16 |
| Freebsd | Freebsd | <= 4.1 |
| Openbsd | Openbsd | 2.8 |
References
- http://archives.neohapsis.com/archives/freebsd/2001-04/0338.htmlPatchVendor Advisory
- http://marc.info/?l=bugtraq&m=98679734015538&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6331
- http://archives.neohapsis.com/archives/freebsd/2001-04/0338.htmlPatchVendor Advisory
- http://marc.info/?l=bugtraq&m=98679734015538&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6331
FAQ
What is CVE-2001-0402?
CVE-2001-0402 is a vulnerability with a CVSS score of 7.5 (HIGH). IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port...
How severe is CVE-2001-0402?
CVE-2001-0402 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0402?
Check the references section above for vendor advisories and patch information. Affected products include: Darren Reed Ipfilter, Freebsd Freebsd, Openbsd Openbsd.