Vulnerability Description
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.4.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.htmlExploitPatchVendor Advisory
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-071.php3
- http://www.redhat.com/support/errata/RHSA-2001-052.htmlVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2001-084.html
- http://www.securityfocus.com/bid/2602ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6390
- http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.htmlExploitPatchVendor Advisory
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-071.php3
- http://www.redhat.com/support/errata/RHSA-2001-052.htmlVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2001-084.html
- http://www.securityfocus.com/bid/2602ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6390
FAQ
What is CVE-2001-0405?
CVE-2001-0405 is a vulnerability with a CVSS score of 7.5 (HIGH). ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, w...
How severe is CVE-2001-0405?
CVE-2001-0405 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0405?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.