CVE-2001-0402
published 2001-06-18CVE-2001-0402: IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by…
PriorityP432high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.44%
82.3th percentile
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| darren_reed | ipfilter | <= 3.4.16 | — |
| freebsd | freebsd | <= 4.1 | — |
| openbsd | openbsd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/freebsd/2001-04/0338.htmlhttp://marc.info/?l=bugtraq&m=98679734015538&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/6331http://archives.neohapsis.com/archives/freebsd/2001-04/0338.htmlhttp://marc.info/?l=bugtraq&m=98679734015538&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/6331
2001-06-18
Published