FKIE_CVE-2005-2317

Vulnerability from fkie_nvd - Published: 2005-07-19 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
References
cve@mitre.orghttp://seclists.org/lists/fulldisclosure/2005/Jul/0409.htmlPatch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/16087Patch, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/17110
cve@mitre.orghttp://secunia.com/advisories/17113
cve@mitre.orghttp://shorewall.net/News.htm#20050717Patch, Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2005/dsa-849
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200507-20.xml
cve@mitre.orghttp://www.securityfocus.com/bid/14292
cve@mitre.orghttp://www.ubuntu.com/usn/usn-197-1
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/lists/fulldisclosure/2005/Jul/0409.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16087Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17110
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17113
af854a3a-2127-422b-91ae-364da2661108http://shorewall.net/News.htm#20050717Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-849
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200507-20.xml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14292
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-197-1
Impacted products
Vendor Product Version
shorewall shorewall 2.0.0
shorewall shorewall 2.0.0a
shorewall shorewall 2.0.0b
shorewall shorewall 2.0.1
shorewall shorewall 2.0.2
shorewall shorewall 2.0.2a
shorewall shorewall 2.0.2b
shorewall shorewall 2.0.2c
shorewall shorewall 2.0.2d
shorewall shorewall 2.0.2e
shorewall shorewall 2.0.2f
shorewall shorewall 2.0.3
shorewall shorewall 2.0.3a
shorewall shorewall 2.0.3b
shorewall shorewall 2.0.3c
shorewall shorewall 2.0.4
shorewall shorewall 2.0.5
shorewall shorewall 2.0.6
shorewall shorewall 2.0.7
shorewall shorewall 2.0.8
shorewall shorewall 2.0.9
shorewall shorewall 2.0.10
shorewall shorewall 2.0.11
shorewall shorewall 2.0.12
shorewall shorewall 2.0.13
shorewall shorewall 2.0.14
shorewall shorewall 2.0.15
shorewall shorewall 2.0.16
shorewall shorewall 2.2.0
shorewall shorewall 2.2.1
shorewall shorewall 2.2.2
shorewall shorewall 2.2.3
shorewall shorewall 2.2.4
shorewall shorewall 2.4.0
shorewall shorewall 2.4.0_rc1
shorewall shorewall 2.4.0_rc2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "70091128-56A5-4C02-B725-1B41345CAF11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E685B64-A5B8-4DBF-944C-B81A0CB00028",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2DC4AB0-6195-4F96-A5E6-7D28D4481FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA3C10C9-AB0C-4CDB-82C2-606FC92799E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "444C2974-82B2-49D9-B6D2-6E6BB19A100B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "62537239-2821-4CF0-AA6E-82FC0B930BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6548FF8-CF63-4D34-A1A7-494BC1AE4116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC5BD1C-D56E-4821-BEF3-42C247801F74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2d:*:*:*:*:*:*:*",
              "matchCriteriaId": "58C47587-030E-4F62-8B5D-DC6199ED6097",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2e:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A98B9C7-2157-4440-A01E-525A9CAF62DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.2f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA9C770-4709-471B-9710-06DF0F43A452",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF76A1B4-3B30-408B-9E8D-627BA55B44B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "62DFAFFC-D77C-49DF-ABC8-BF1412EF00D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.3b:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C8CB53-676E-41E2-BB6D-E40D1ACD3F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.3c:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1431560-779E-42A4-A1DB-772D7DE65EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCFC6E96-EEEC-4BC3-8E9C-8168AC2F5D5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D144DD-7D0B-47D3-9E56-68A50ED26A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D9AB855-4E2B-43C6-AAAE-68CBA8D1ABA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D4CF78-242D-4041-8C3B-15B16EB032D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5109BC69-4BE8-485D-AA12-7C4D2EABCA83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E01705-E997-4A0D-BC24-185BE7C1F474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "871F8DD6-8E45-454D-8C0C-BA84D2062C49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF98E55C-A058-4B23-BF34-D3DD0977E0E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9499C-4C76-42A2-B8B3-041561B4C567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDF3FD3B-A82A-4225-9434-1411F6B8C9EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6279364-8CCB-4169-94E0-9377FCDB2237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "4989AB77-E04C-4AD2-B3C3-FFA492F1EAC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF0327D7-489E-44DD-94B1-FC3AFF077A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "23557434-3D75-4251-97F1-9E4472DDF2F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F735D977-390F-4F84-BD00-180100E268EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF248034-12FF-4500-B106-9B3BC1495214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A21A6C8-3419-41B9-8883-722A156E8DA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5DFA137-145D-4E14-AB14-A0D19D86B4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBCFDB74-32A2-4D13-A51B-40BACE9A8F4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.4.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8362D306-890B-4010-AEC6-A537CE960858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:shorewall:shorewall:2.4.0_rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2831D9-9B51-452F-88F5-518D72570146",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies."
    },
    {
      "lang": "es",
      "value": "Shorewall 2.4.x anteiror a 2.4.1, 2.2.x anteiror a 2.2.5, cuando MACLIST_TTL es mayor que 0 o MACLIST_DIPOSITION se fija en ACCEPT, permite que atacantes remotos con una direcci\u00f3n MAC aceptada se salten otras reglas de firewall."
    }
  ],
  "id": "CVE-2005-2317",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-07-19T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://seclists.org/lists/fulldisclosure/2005/Jul/0409.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16087"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17110"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17113"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://shorewall.net/News.htm#20050717"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2005/dsa-849"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200507-20.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/14292"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-197-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://seclists.org/lists/fulldisclosure/2005/Jul/0409.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://shorewall.net/News.htm#20050717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200507-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-197-1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.