7.5

CVE-2002-0704

The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.4.4 <= 2.4.18
LinuxLinux Kernel Version2.4.19 Updatepre1
LinuxLinux Kernel Version2.4.19 Updatepre2
LinuxLinux Kernel Version2.4.19 Updatepre3
LinuxLinux Kernel Version2.4.19 Updatepre4
LinuxLinux Kernel Version2.4.19 Updatepre5
LinuxLinux Kernel Version2.4.19 Updatepre6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.24% 0.867
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer

The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

http://marc.info/?l=bugtraq&m=102088521517722&w=2
Mailing List
http://online.securityfocus.com/advisories/4116
Third Party Advisory
Broken Link
VDB Entry
http://www.iss.net/security_center/static/9043.php
Patch
Vendor Advisory
Broken Link
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-030.php
Broken Link
http://www.redhat.com/support/errata/RHSA-2002-086.html
Patch
Vendor Advisory
Broken Link
http://www.securityfocus.com/bid/4699
Patch
Third Party Advisory
Vendor Advisory
Broken Link
VDB Entry