MidnightBSD

Advisories for darren_reed

CVE-1999-1244 HIGH

IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
darren_reed ipfilter 3.2.9
darren_reed ipfilter 3.2.8
darren_reed ipfilter 3.2.6
darren_reed ipfilter 3.2.10
darren_reed ipfilter 3.2.7
darren_reed ipfilter 3.2.3
darren_reed ipfilter 3.2.4
darren_reed ipfilter 3.2.5
CVE-2000-0553 LOW

Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
darren_reed ipfilter 3.3.15
darren_reed ipfilter 3.4.3
CVE-2001-0402 HIGH

IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd *
darren_reed ipfilter *
openbsd openbsd 2.8
CVE-2002-1978 HIGH

IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
darren_reed ipfilter 3.4.1
darren_reed ipfilter 3.4.28
darren_reed ipfilter 3.2.22
darren_reed ipfilter 3.3.14
darren_reed ipfilter 3.2.6
darren_reed ipfilter 3.2.10
darren_reed ipfilter 3.3.2
darren_reed ipfilter 3.3.11
darren_reed ipfilter 3.4.18
darren_reed ipfilter 3.3.10
darren_reed ipfilter 3.3.16
darren_reed ipfilter 3.4.22
darren_reed ipfilter 3.3.21
darren_reed ipfilter 3.2.14
darren_reed ipfilter 3.4.16
darren_reed ipfilter 3.4.27
darren_reed ipfilter 3.2.20
darren_reed ipfilter 3.4.20
darren_reed ipfilter 3.3.12
darren_reed ipfilter 3.2.16
darren_reed ipfilter 3.4.10
darren_reed ipfilter 3.2.1
darren_reed ipfilter 3.4.23
darren_reed ipfilter 3.4.12
darren_reed ipfilter 3.4.3
darren_reed ipfilter 3.1.2
darren_reed ipfilter 3.2.3
darren_reed ipfilter 3.2.5
darren_reed ipfilter 3.2.2
darren_reed ipfilter 3.2.9
darren_reed ipfilter 3.1.9
darren_reed ipfilter 3.3.1
darren_reed ipfilter 3.2.17
darren_reed ipfilter 3.4.24
darren_reed ipfilter 3.1.6
darren_reed ipfilter 3.1.7
darren_reed ipfilter 3.3.8
darren_reed ipfilter 3.3.18
darren_reed ipfilter 3.2.7
darren_reed ipfilter 3.2.13
darren_reed ipfilter 3.4.25
darren_reed ipfilter 3.4.5
darren_reed ipfilter 3.1.10
darren_reed ipfilter 3.1.8
darren_reed ipfilter 3.3.5
darren_reed ipfilter 3.3.6
darren_reed ipfilter 3.3.3
darren_reed ipfilter 3.3.19
darren_reed ipfilter 3.4.6
darren_reed ipfilter 3.2.18
darren_reed ipfilter 3.2.11
darren_reed ipfilter 3.3.17
darren_reed ipfilter 3.4.7
darren_reed ipfilter 3.1.3
darren_reed ipfilter 3.2.12
darren_reed ipfilter 3.3.22
darren_reed ipfilter 3.4.15
darren_reed ipfilter 3.4.19
darren_reed ipfilter 3.1.4
darren_reed ipfilter 3.4.26
darren_reed ipfilter 3.4.14
darren_reed ipfilter 3.4.11
darren_reed ipfilter 3.3.20
darren_reed ipfilter 3.2.19
darren_reed ipfilter 3.3.15
darren_reed ipfilter 3.4.17
darren_reed ipfilter 3.1.1
darren_reed ipfilter 3.3.9
darren_reed ipfilter 3.2.4
darren_reed ipfilter 3.4.9
darren_reed ipfilter 3.3.4
darren_reed ipfilter 3.4.8
darren_reed ipfilter 3.2.8
darren_reed ipfilter 3.1.5
darren_reed ipfilter 3.2.15
darren_reed ipfilter 3.3.7
darren_reed ipfilter 3.4.4
darren_reed ipfilter 3.4.2
darren_reed ipfilter 3.2.21
darren_reed ipfilter 3.4.13
darren_reed ipfilter 3.3.13
darren_reed ipfilter 3.4.21