Search
Find a vulnerability
Search criteria
10 vulnerabilities by darren_reed
CVE-2009-1476 (GCVE-0-2009-1476)
Vulnerability from nvd – Published: 2009-05-26 15:16 – Updated: 2024-08-07 05:13
VLAI
Summary
Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/35076 | vdb-entryx_refsource_BID |
| http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id?1022272 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/… | x_refsource_CONFIRM |
| http://securityreason.com/achievement_securityalert/62 | third-party-advisoryx_refsource_SREASONRES |
Date Public
2009-05-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35076",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35076"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c"
},
{
"name": "1022272",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022272"
},
{
"name": "ipfilter-loadhttp-bo(50716)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50716"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h"
},
{
"name": "20090522 IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/62"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35076",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35076"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c"
},
{
"name": "1022272",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022272"
},
{
"name": "ipfilter-loadhttp-bo(50716)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50716"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h"
},
{
"name": "20090522 IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/62"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35076"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c"
},
{
"name": "1022272",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022272"
},
{
"name": "ipfilter-loadhttp-bo(50716)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50716"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h"
},
{
"name": "20090522 IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/62"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1476",
"datePublished": "2009-05-26T15:16:00.000Z",
"dateReserved": "2009-04-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:13:25.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1978 (GCVE-0-2002-1978)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-08-08 03:43
VLAI
Summary
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10409.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/6010 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1005442 | vdb-entryx_refsource_SECTRACK |
| http://www.kb.cert.org/vuls/id/328867 | third-party-advisoryx_refsource_CERT-VN |
| ftp://ftp.netbsd.org/pub/NetBSD/security/advisori… | vendor-advisoryx_refsource_NETBSD |
Date Public
2002-10-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ip-filter-bypass-firewall(10409)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10409.php"
},
{
"name": "6010",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6010"
},
{
"name": "1005442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1005442"
},
{
"name": "VU#328867",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "NetBSD-SA2002-024",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-03T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ip-filter-bypass-firewall(10409)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10409.php"
},
{
"name": "6010",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6010"
},
{
"name": "1005442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1005442"
},
{
"name": "VU#328867",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "NetBSD-SA2002-024",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ip-filter-bypass-firewall(10409)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10409.php"
},
{
"name": "6010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6010"
},
{
"name": "1005442",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1005442"
},
{
"name": "VU#328867",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "NetBSD-SA2002-024",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1978",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:43:33.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0402 (GCVE-0-2001-0402)
Vulnerability from nvd – Published: 2001-09-18 04:00 – Updated: 2024-08-08 04:21
VLAI
Summary
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/freebsd/20… | vendor-advisoryx_refsource_FREEBSD |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=98679734015538&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2001-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-01:32",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html"
},
{
"name": "ipfilter-access-ports(6331)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6331"
},
{
"name": "20010408 A fragmentation attack against IP Filter",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679734015538\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-01:32",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html"
},
{
"name": "ipfilter-access-ports(6331)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6331"
},
{
"name": "20010408 A fragmentation attack against IP Filter",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679734015538\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-01:32",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html"
},
{
"name": "ipfilter-access-ports(6331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6331"
},
{
"name": "20010408 A fragmentation attack against IP Filter",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98679734015538\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0402",
"datePublished": "2001-09-18T04:00:00.000Z",
"dateReserved": "2001-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:21:38.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0553 (GCVE-0-2000-0553)
Vulnerability from nvd – Published: 2000-10-13 04:00 – Updated: 2024-08-08 05:21
VLAI
Summary
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/1308 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/1377 | vdb-entryx_refsource_OSVDB |
Date Public
2000-05-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ipfilter-firewall-race-condition(4994)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4994"
},
{
"name": "1308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1308"
},
{
"name": "20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1377"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping \"return-rst\" and \"keep state\" rules, allows remote attackers to bypass access restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ipfilter-firewall-race-condition(4994)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4994"
},
{
"name": "1308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1308"
},
{
"name": "20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1377"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping \"return-rst\" and \"keep state\" rules, allows remote attackers to bypass access restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ipfilter-firewall-race-condition(4994)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4994"
},
{
"name": "1308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1308"
},
{
"name": "20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html"
},
{
"name": "1377",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1377"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0553",
"datePublished": "2000-10-13T04:00:00.000Z",
"dateReserved": "2000-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-08T05:21:31.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1244 (GCVE-0-1999-1244)
Vulnerability from nvd – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:02
VLAI
Summary
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/13303 | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
1999-04-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990415 FSA-99.04-IPFILTER-v3.2.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/13303"
},
{
"name": "ipfilter-temp-file(2087)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-04-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990415 FSA-99.04-IPFILTER-v3.2.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/13303"
},
{
"name": "ipfilter-temp-file(2087)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990415 FSA-99.04-IPFILTER-v3.2.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/13303"
},
{
"name": "ipfilter-temp-file(2087)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1244",
"datePublished": "2001-09-12T04:00:00.000Z",
"dateReserved": "2001-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-01T17:02:53.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1476 (GCVE-0-2009-1476)
Vulnerability from cvelistv5 – Published: 2009-05-26 15:16 – Updated: 2024-08-07 05:13
VLAI
Summary
Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/35076 | vdb-entryx_refsource_BID |
| http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id?1022272 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/… | x_refsource_CONFIRM |
| http://securityreason.com/achievement_securityalert/62 | third-party-advisoryx_refsource_SREASONRES |
Date Public
2009-05-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35076",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35076"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c"
},
{
"name": "1022272",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022272"
},
{
"name": "ipfilter-loadhttp-bo(50716)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50716"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h"
},
{
"name": "20090522 IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/62"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35076",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35076"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c"
},
{
"name": "1022272",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022272"
},
{
"name": "ipfilter-loadhttp-bo(50716)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50716"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h"
},
{
"name": "20090522 IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/62"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35076"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c"
},
{
"name": "1022272",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022272"
},
{
"name": "ipfilter-loadhttp-bo(50716)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50716"
},
{
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h",
"refsource": "CONFIRM",
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/dist/ipf/lib/load_http.c.diff?r1=1.1\u0026r2=1.2\u0026f=h"
},
{
"name": "20090522 IPFilter (ippool) 4.1.31 lib/load_http.c buffer overflow",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/62"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1476",
"datePublished": "2009-05-26T15:16:00.000Z",
"dateReserved": "2009-04-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:13:25.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1978 (GCVE-0-2002-1978)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-08-08 03:43
VLAI
Summary
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/10409.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/6010 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1005442 | vdb-entryx_refsource_SECTRACK |
| http://www.kb.cert.org/vuls/id/328867 | third-party-advisoryx_refsource_CERT-VN |
| ftp://ftp.netbsd.org/pub/NetBSD/security/advisori… | vendor-advisoryx_refsource_NETBSD |
Date Public
2002-10-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ip-filter-bypass-firewall(10409)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10409.php"
},
{
"name": "6010",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6010"
},
{
"name": "1005442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1005442"
},
{
"name": "VU#328867",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "NetBSD-SA2002-024",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-03T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ip-filter-bypass-firewall(10409)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10409.php"
},
{
"name": "6010",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6010"
},
{
"name": "1005442",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1005442"
},
{
"name": "VU#328867",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "NetBSD-SA2002-024",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ip-filter-bypass-firewall(10409)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10409.php"
},
{
"name": "6010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6010"
},
{
"name": "1005442",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1005442"
},
{
"name": "VU#328867",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"name": "NetBSD-SA2002-024",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1978",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-29T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:43:33.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0402 (GCVE-0-2001-0402)
Vulnerability from cvelistv5 – Published: 2001-09-18 04:00 – Updated: 2024-08-08 04:21
VLAI
Summary
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/freebsd/20… | vendor-advisoryx_refsource_FREEBSD |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://marc.info/?l=bugtraq&m=98679734015538&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2001-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:38.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-01:32",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html"
},
{
"name": "ipfilter-access-ports(6331)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6331"
},
{
"name": "20010408 A fragmentation attack against IP Filter",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679734015538\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-01:32",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html"
},
{
"name": "ipfilter-access-ports(6331)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6331"
},
{
"name": "20010408 A fragmentation attack against IP Filter",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679734015538\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-01:32",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html"
},
{
"name": "ipfilter-access-ports(6331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6331"
},
{
"name": "20010408 A fragmentation attack against IP Filter",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98679734015538\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0402",
"datePublished": "2001-09-18T04:00:00.000Z",
"dateReserved": "2001-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:21:38.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1244 (GCVE-0-1999-1244)
Vulnerability from cvelistv5 – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:02
VLAI
Summary
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/13303 | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
1999-04-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990415 FSA-99.04-IPFILTER-v3.2.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/13303"
},
{
"name": "ipfilter-temp-file(2087)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-04-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990415 FSA-99.04-IPFILTER-v3.2.10",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/13303"
},
{
"name": "ipfilter-temp-file(2087)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990415 FSA-99.04-IPFILTER-v3.2.10",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/13303"
},
{
"name": "ipfilter-temp-file(2087)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1244",
"datePublished": "2001-09-12T04:00:00.000Z",
"dateReserved": "2001-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-01T17:02:53.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0553 (GCVE-0-2000-0553)
Vulnerability from cvelistv5 – Published: 2000-10-13 04:00 – Updated: 2024-08-08 05:21
VLAI
Summary
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/1308 | vdb-entryx_refsource_BID |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/1377 | vdb-entryx_refsource_OSVDB |
Date Public
2000-05-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ipfilter-firewall-race-condition(4994)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4994"
},
{
"name": "1308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1308"
},
{
"name": "20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1377"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping \"return-rst\" and \"keep state\" rules, allows remote attackers to bypass access restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ipfilter-firewall-race-condition(4994)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4994"
},
{
"name": "1308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1308"
},
{
"name": "20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1377"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping \"return-rst\" and \"keep state\" rules, allows remote attackers to bypass access restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ipfilter-firewall-race-condition(4994)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4994"
},
{
"name": "1308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1308"
},
{
"name": "20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html"
},
{
"name": "1377",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1377"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0553",
"datePublished": "2000-10-13T04:00:00.000Z",
"dateReserved": "2000-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-08T05:21:31.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}