Описание
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-2317
- http://seclists.org/lists/fulldisclosure/2005/Jul/0409.html
- http://secunia.com/advisories/16087
- http://secunia.com/advisories/17110
- http://secunia.com/advisories/17113
- http://shorewall.net/News.htm#20050717
- http://www.debian.org/security/2005/dsa-849
- http://www.gentoo.org/security/en/glsa/glsa-200507-20.xml
- http://www.securityfocus.com/bid/14292
- http://www.ubuntu.com/usn/usn-197-1
EPSS
CVE ID
Связанные уязвимости
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0 ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS