Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-05-26
Updated
2017-08-17
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
Max CVSS
7.5
EPSS Score
0.63%
Published
2002-12-31
Updated
2009-04-03
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
Max CVSS
5.0
EPSS Score
0.67%
Published
2002-08-12
Updated
2008-09-05
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Max CVSS
7.5
EPSS Score
2.58%
Published
2001-06-18
Updated
2017-10-10
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
Max CVSS
2.6
EPSS Score
0.33%
Published
2000-05-26
Updated
2017-10-10
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-04-15
Updated
2017-12-19
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!