Описание
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
Ссылки
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Broken LinkExploitThird Party AdvisoryVDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.4.25 (включая)
cpe:2.3:a:phildev:ipfilter:*:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02089
Низкий
5 Medium
CVSS2
Дефекты
CWE-203
Связанные уязвимости
github
больше 3 лет назад
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
EPSS
Процентиль: 83%
0.02089
Низкий
5 Medium
CVSS2
Дефекты
CWE-203