Vulnerabilities (CVE)

Filtered by vendor Darren Reed Subscribe
Filtered by product Ipfilter
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1476 1 Darren Reed 1 Ipfilter 2024-11-21 7.2 HIGH N/A
Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL.
CVE-2002-1978 1 Darren Reed 1 Ipfilter 2024-11-20 7.5 HIGH N/A
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
CVE-2001-0402 3 Darren Reed, Freebsd, Openbsd 3 Ipfilter, Freebsd, Openbsd 2024-11-20 7.5 HIGH N/A
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
CVE-2000-0553 1 Darren Reed 1 Ipfilter 2024-11-20 2.6 LOW N/A
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
CVE-1999-1244 1 Darren Reed 1 Ipfilter 2024-11-20 7.2 HIGH N/A
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.