CVE Vulnerabilities

CVE-2001-0183

Published: Mar 26, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 3.0 3.0
Freebsd Freebsd 3.1 3.1
Freebsd Freebsd 3.3 3.3
Freebsd Freebsd 3.4 3.4
Freebsd Freebsd 3.5 3.5
Freebsd Freebsd 3.5.1 3.5.1
Freebsd Freebsd 4.0 4.0
Freebsd Freebsd 4.0 4.0
Freebsd Freebsd 4.1 4.1
Freebsd Freebsd 4.1.1 4.1.1
Freebsd Freebsd 4.2 4.2

References