Darren Reed Ipfilter vulnerabilities
5 known vulnerabilities affecting darren_reed/ipfilter.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH4LOW1
Vulnerabilities
Page 1 of 1
CVE-2001-0402P4HIGHCVSS 7.5PoC≤ 3.4.162001-06-18
CVE-2001-0402 [HIGH] CVE-2001-0402: IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allo
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
nvd
CVE-2002-1978P4HIGHCVSS 7.5v3.1.1v3.1.2+80 more2002-12-31
CVE-2002-1978 [HIGH] CWE-264 CVE-2002-1978: IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV com
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
nvd
CVE-2009-1476P4HIGHCVSS 7.2v4.1.312009-05-26
CVE-2009-1476 [HIGH] CWE-119 CVE-2009-1476: Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows l
Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
nvd
CVE-1999-1244P4HIGHCVSS 7.2v3.2.3v3.2.4+6 more1999-04-15
CVE-1999-1244 [HIGH] CVE-1999-1244: IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on t
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
nvd
CVE-2000-0553P4LOWCVSS 2.6v3.3.15v3.4.32000-05-26
CVE-2000-0553 [LOW] CVE-2000-0553: Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst"
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
nvd