Vendor
Netfilter
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-6496 | 0.00 | — | 0.03 | Aug 24, 2015 | conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet. | ||
| CVE-2012-2663 | 0.00 | — | 0.00 | Feb 15, 2014 | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. | ||
| CVE-2001-1387 | 0.00 | — | 0.00 | Nov 5, 2001 | iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak. | ||
| CVE-2001-1388 | 0.00 | — | 0.00 | Nov 5, 2001 | iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator. |