← back
CVE-2001-0402

CVE-2001-0402

EPSS 2.4%
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/20730unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/freebsd/2001-04/0338.htmlhttp://marc.info/?l=bugtraq&m=98679734015538&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/6331