Vulnerability Name:

CVE-2002-0060 (CCN-8302)

Assigned:2002-02-27
Published:2002-02-27
Updated:2017-10-10
Summary:IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Wed Feb 27 2002 - 08:02:50 CST
security advisory linux 2.4.x ip_conntrack_irc

Source: MITRE
Type: CNA
CVE-2002-0060

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2002:041

Source: BUGTRAQ
Type: UNKNOWN
20020227 security advisory linux 2.4.x ip_conntrack_irc

Source: VULN-DEV
Type: UNKNOWN
20020227 Fwd: [ANNOUNCE] Security Advisory about IRC DCC connection tracking

Source: CCN
Type: RHSA-2002-028
Updated 2.4 kernel available

Source: CCN
Type: US-CERT VU#230307
Linux kernel netfilter IRC DCC helper module creates overly permissive firewall rules

Source: CERT-VN
Type: US Government Resource
VU#230307

Source: CCN
Type: Netfilter Web site
security/2002-02-25-irc-dcc-mask.body

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.netfilter.org/security/2002-02-25-irc-dcc-mask.html

Source: CCN
Type: OSVDB ID: 5391
Linux Kernel IPTables / Netfilter IRC Connection Tracking Module Firewall Bypass

Source: REDHAT
Type: UNKNOWN
RHSA-2002:028

Source: BID
Type: UNKNOWN
4188

Source: CCN
Type: BID-4188
Linux Kernel IRC DCC Connection Tracking Module Arbitrary Port Access Vulnerability

Source: HP
Type: UNKNOWN
HPSBUX0203-027

Source: XF
Type: UNKNOWN
linux-dcc-port-access(8302)

Source: XF
Type: UNKNOWN
linux-dcc-port-access(8302)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:*:pre9:*:*:*:*:*:* (Version <= 2.4.18)

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:2.4.18:pre9:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    linux linux kernel * pre9
    linux linux kernel 2.4.18 pre1
    linux linux kernel 2.4.18 pre2
    linux linux kernel 2.4.18 pre3
    linux linux kernel 2.4.18 pre4
    linux linux kernel 2.4.18 pre5
    linux linux kernel 2.4.18 pre6
    linux linux kernel 2.4.18 pre7
    linux linux kernel 2.4.18 pre8
    linux linux kernel 2.4.18 pre9
    redhat linux 7
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3