7.5

CVE-2002-2438

Exploit
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.4.20
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.66% 0.889
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.openwall.com/lists/oss-security/2012/02/03/7
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2012/05/29/8
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2012/05/30/11
Third Party Advisory
Exploit
Mailing List
http://www.openwall.com/lists/oss-security/2012/05/30/2
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2012/05/31/3
Patch
Third Party Advisory
Mailing List
https://www.kb.cert.org/vuls/id/464113
Third Party Advisory
US Government Resource
https://www.openwall.com/lists/oss-security/2012/02/03/7
Patch
Third Party Advisory
Mailing List