Vulnerability Details : CVE-2001-1387
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2001-1387
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2001-1387
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2001-1387
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2001-1387
-
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=50500
Exploit;Issue Tracking;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2001-144.html
Broken Link
Products affected by CVE-2001-1387
- cpe:2.3:a:netfilter:iptables:*:*:*:*:*:*:*:*