Описание
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
Ссылки
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- ExploitMailing ListThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.20 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04663
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 4 лет назад
firewalls might let some TCP flags combinations pass (e.g. all with RST flag set) and the OS (e.g. Linux) stack would in turn accept a TCP session it might not have accepted otherwise.
CVSS3: 7.5
github
около 3 лет назад
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
EPSS
Процентиль: 89%
0.04663
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-287