IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ipfilter | Darren_reed | * | 3.4.16 (including) |