extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.
References
Link | Resource |
---|---|
http://www.spinics.net/lists/netfilter-devel/msg21248.html | Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=826702 | Issue Tracking Mitigation Patch Third Party Advisory |
Configurations
History
07 Nov 2023, 02:10
Type | Values Removed | Values Added |
---|---|---|
Summary | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. |
13 Feb 2023, 00:25
Type | Values Removed | Values Added |
---|---|---|
Summary | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. |
01 Feb 2021, 14:12
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=826702 - Issue Tracking, Mitigation, Patch, Third Party Advisory | |
References | (MLIST) http://www.spinics.net/lists/netfilter-devel/msg21248.html - Patch, Third Party Advisory | |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:netfilter_core_team:iptables:1.4.17:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.4:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.11.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.6:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.3.2:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.20:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.12:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.3:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.2:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.18:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.7:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.16.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.3.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.16.2:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.15:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.5:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.14:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.16:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.16.3:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.9.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.9:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.12.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.8:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.11:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.12.2:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.13:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.10:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:1.4.19.1:*:*:*:*:*:*:* cpe:2.3:a:netfilter_core_team:iptables:*:*:*:*:*:*:*:* |
cpe:2.3:a:netfilter:iptables:*:*:*:*:*:*:*:* |
Information
Published : 2014-02-15 14:57
Updated : 2023-12-10 11:31
NVD link : CVE-2012-2663
Mitre link : CVE-2012-2663
CVE.ORG link : CVE-2012-2663
JSON object : View
Products Affected
netfilter
- iptables
CWE