CVE-2001-0405
published 2001-07-02CVE-2001-0405: ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
10.25%
95.1th percentile
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qphq-fjvj-6855: ip_conntrack_ftp in the IPTables firewall for Linux 2
ghsa_unreviewed·2022-04-30
CVE-2001-0405 [HIGH] GHSA-qphq-fjvj-6855: ip_conntrack_ftp in the IPTables firewall for Linux 2
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
Red Hat
security flaw
vendor_redhat·2001-04-16·CVSS 7.5
CVE-2001-0405 [HIGH] security flaw
security flaw
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
Suricata
GPL FTP CWD overflow attempt
suricata·2010-09-23
CVE-1999-0219 GPL FTP CWD overflow attempt
GPL FTP CWD overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL FTP CWD overflow attempt"; flow:established,to_server; content:"CWD"; nocase; isdataat:100,relative; pcre:"/^CWD\s[^\n]{100}/smi"; reference:bugtraq,11069; reference:bugtraq,1227; reference:bugtraq,1690; reference:bugtraq,6869; reference:bugtraq,7251; reference:bugtraq,7950; reference:cve,1999-0219; reference:cve,1999-1058; reference:cve,1999-1510; reference:cve,2000-1035; reference:cve,2000-1194; reference:cve,2001-0781; reference:cve,2002-0126; reference:cve,2002-0405; classtype:attempted-admin; sid:2101919; rev:25; metadata:created_at 2010_09_23, cve CVE_1999_0219, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.htmlhttp://www.linux-mandrake.com/en/security/2001/MDKSA-2001-071.php3http://www.redhat.com/support/errata/RHSA-2001-052.htmlhttp://www.redhat.com/support/errata/RHSA-2001-084.htmlhttp://www.securityfocus.com/bid/2602https://exchange.xforce.ibmcloud.com/vulnerabilities/6390http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.htmlhttp://www.linux-mandrake.com/en/security/2001/MDKSA-2001-071.php3http://www.redhat.com/support/errata/RHSA-2001-052.htmlhttp://www.redhat.com/support/errata/RHSA-2001-084.htmlhttp://www.securityfocus.com/bid/2602https://exchange.xforce.ibmcloud.com/vulnerabilities/6390
2001-07-02
Published