CVE-2012-2663

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-2663
extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.spinics.net/lists/netfilter-devel/msg21248.html Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=826702 Issue Tracking Mitigation Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:netfilter:iptables:*:*:*:*:*:*:*:*
History

07 Nov 2023, 02:10

Type Values Removed Values Added
Summary extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.

13 Feb 2023, 00:25

Type Values Removed Values Added
Summary extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.

01 Feb 2021, 14:12

Type Values Removed Values Added
References (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=826702 - (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=826702 - Issue Tracking, Mitigation, Patch, Third Party Advisory
References (MLIST) http://www.spinics.net/lists/netfilter-devel/msg21248.html - (MLIST) http://www.spinics.net/lists/netfilter-devel/msg21248.html - Patch, Third Party Advisory
CWE CWE-20 NVD-CWE-noinfo
CPE cpe:2.3:a:netfilter_core_team:iptables:1.4.19:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.17:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.11.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.20:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.18:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.16.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.16.2:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.15:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.16:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.16.3:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.9.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.12.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.12.2:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.13:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:1.4.19.1:*:*:*:*:*:*:*
cpe:2.3:a:netfilter_core_team:iptables:*:*:*:*:*:*:*:*		 cpe:2.3:a:netfilter:iptables:*:*:*:*:*:*:*:*
Information

Published : 2014-02-15 14:57

Updated : 2023-12-10 11:31

NVD link : CVE-2012-2663

Mitre link : CVE-2012-2663

CVE.ORG link : CVE-2012-2663

JSON object : View

Products Affected

netfilter

  • iptables
CWE
NVD-CWE-noinfo