5

CVE-2004-2252

The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SophosAstaro Security Linux Version < 4.024
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.19% 0.896
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

http://secunia.com/advisories/13089
Patch
Vendor Advisory
Broken Link
http://securitytracker.com/id?1012065
Third Party Advisory
Broken Link
VDB Entry
http://www.astaro.org/showflat.php?Cat=&Number=51459&page=0&view=collapsed&sb=5&o=&fpart=1#51459
Patch
Broken Link
http://www.osvdb.org/11407
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/17960
Third Party Advisory
VDB Entry