FKIE_CVE-2002-1978

Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
References
cve@mitre.orgftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc
cve@mitre.orghttp://securitytracker.com/id?1005442Patch
cve@mitre.orghttp://www.iss.net/security_center/static/10409.phpPatch
cve@mitre.orghttp://www.kb.cert.org/vuls/id/328867US Government Resource
cve@mitre.orghttp://www.securityfocus.com/bid/6010Patch
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1005442Patch
af854a3a-2127-422b-91ae-364da2661108http://www.iss.net/security_center/static/10409.phpPatch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/328867US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6010Patch
Impacted products
Vendor Product Version
darren_reed ipfilter 3.1.1
darren_reed ipfilter 3.1.2
darren_reed ipfilter 3.1.3
darren_reed ipfilter 3.1.4
darren_reed ipfilter 3.1.5
darren_reed ipfilter 3.1.6
darren_reed ipfilter 3.1.7
darren_reed ipfilter 3.1.8
darren_reed ipfilter 3.1.9
darren_reed ipfilter 3.1.10
darren_reed ipfilter 3.2.1
darren_reed ipfilter 3.2.2
darren_reed ipfilter 3.2.3
darren_reed ipfilter 3.2.4
darren_reed ipfilter 3.2.5
darren_reed ipfilter 3.2.6
darren_reed ipfilter 3.2.7
darren_reed ipfilter 3.2.8
darren_reed ipfilter 3.2.9
darren_reed ipfilter 3.2.10
darren_reed ipfilter 3.2.11
darren_reed ipfilter 3.2.12
darren_reed ipfilter 3.2.13
darren_reed ipfilter 3.2.14
darren_reed ipfilter 3.2.15
darren_reed ipfilter 3.2.16
darren_reed ipfilter 3.2.17
darren_reed ipfilter 3.2.18
darren_reed ipfilter 3.2.19
darren_reed ipfilter 3.2.20
darren_reed ipfilter 3.2.21
darren_reed ipfilter 3.2.22
darren_reed ipfilter 3.3.1
darren_reed ipfilter 3.3.2
darren_reed ipfilter 3.3.3
darren_reed ipfilter 3.3.4
darren_reed ipfilter 3.3.5
darren_reed ipfilter 3.3.6
darren_reed ipfilter 3.3.7
darren_reed ipfilter 3.3.8
darren_reed ipfilter 3.3.9
darren_reed ipfilter 3.3.10
darren_reed ipfilter 3.3.11
darren_reed ipfilter 3.3.12
darren_reed ipfilter 3.3.13
darren_reed ipfilter 3.3.14
darren_reed ipfilter 3.3.15
darren_reed ipfilter 3.3.16
darren_reed ipfilter 3.3.17
darren_reed ipfilter 3.3.18
darren_reed ipfilter 3.3.19
darren_reed ipfilter 3.3.20
darren_reed ipfilter 3.3.21
darren_reed ipfilter 3.3.22
darren_reed ipfilter 3.4.1
darren_reed ipfilter 3.4.2
darren_reed ipfilter 3.4.3
darren_reed ipfilter 3.4.4
darren_reed ipfilter 3.4.5
darren_reed ipfilter 3.4.6
darren_reed ipfilter 3.4.7
darren_reed ipfilter 3.4.8
darren_reed ipfilter 3.4.9
darren_reed ipfilter 3.4.10
darren_reed ipfilter 3.4.11
darren_reed ipfilter 3.4.12
darren_reed ipfilter 3.4.13
darren_reed ipfilter 3.4.14
darren_reed ipfilter 3.4.15
darren_reed ipfilter 3.4.16
darren_reed ipfilter 3.4.17
darren_reed ipfilter 3.4.18
darren_reed ipfilter 3.4.19
darren_reed ipfilter 3.4.20
darren_reed ipfilter 3.4.21
darren_reed ipfilter 3.4.22
darren_reed ipfilter 3.4.23
darren_reed ipfilter 3.4.24
darren_reed ipfilter 3.4.25
darren_reed ipfilter 3.4.26
darren_reed ipfilter 3.4.27
darren_reed ipfilter 3.4.28
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E4A0A0-E3CC-4C42-9BCD-023A76DEB6C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DDDB4A5-D4E5-4316-8986-B794C8C33E4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D9BC89B-FE9D-4B42-AB21-CEB798875FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D36EF6B7-D2D0-45D0-8930-FD79FA4D3869",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2E5FF3-518F-450D-BD75-9A4288C6E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17D71B7-FD7F-449B-88C6-3910947B711A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "075BB881-9210-4601-8294-50AB7249C715",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A030894F-F327-46BC-A20B-549BC2636DE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D0D5D0-9592-4D53-9BBF-5431B30FADDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "68315B19-7EAB-40F5-9A68-030D45B20153",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0184C1B2-0B35-484C-BDAA-145D06C28828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B582D8D-C784-4617-B9EF-84D8266D1F75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B3CD7E-742F-43DD-9179-348D345EBCA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B304AA52-CA2E-4BB6-8083-DA23F5E3666B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8651AFB6-AE6B-476E-9040-686E8D3B3E2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D06BB0F-7C38-4D0F-8F1D-DDEA5BA72FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1C3525-3BA8-4198-9932-394E77290863",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "802826A3-6CF8-4821-A186-6BE979CE536D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADEB76BF-F6DA-47DF-8212-85700E147D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA4E6702-F0F0-42CA-A135-839C09C061E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "19E45505-ED50-4B82-B75E-930B358A9A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DA89AA-ADD6-4E9B-BF2F-066533A93EC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E1436E9-742A-4DD9-A1E7-807083F3799E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E48E3505-8D18-461D-B087-D92636359DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C14D21A-D868-4243-9746-7E83AE69A6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E4E90D-B36B-4EC2-996A-D2733C65F360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A77D625-8460-4E4E-A504-E97E37C939B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "19380123-9F42-4F75-8940-EE7C09612500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C8E384F-10C7-4FD6-B15F-1916DB9DB9F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D70A9AC2-F6B9-4391-8E5D-218FF1633F01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "882D1996-8DC4-4A6B-A78E-EDEBEA160D83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8AF3B46-C364-440D-92D5-1CB4136F56EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9FA9F3-6A7F-4546-BF48-771B0105945B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "80037D62-258E-4037-86DC-502BDDD8DB00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E5185D9-640C-4849-A018-C78B66CCE742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3E4E0B0-995B-4115-BDA5-165B44795AFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD005F7-B67B-481F-BDB3-727CC801BAA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "140AA53E-62B6-48C3-9074-6CEC4F6089FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA67F7C-3C37-4984-B668-C58B07C121FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C67B056-B6F9-48F7-AB7F-8203EDEC0547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "55497D90-7903-42E8-9C44-57012A8DD9EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4EB3C13-9B23-489E-9784-8340629D2AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A84FC92-0567-45E3-8355-07A31F82F6EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5442D120-BB1A-4CBD-BD93-329B10A2EFF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E33DB56-7ED3-4AC5-BDF2-E4385BCADAB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF539F65-7FB4-40C2-8429-E0DA405A4D54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D5F9210-DD20-4D86-B4F0-74F60A263F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6763EC5-36E6-4E34-9268-F4F7EE1F3B02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "95406641-A7DB-4B9F-9212-7DF4E0EEC578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "34A374CF-7F47-468F-A508-A1BCCB855197",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "D988022E-2F8B-4134-B5BD-B516448B5F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA7B3A1-17F5-4E63-B3EA-B81C17B20D3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "1459DC62-C5E7-4C77-BA7C-74E6B225E129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.3.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F5BB252-A315-4835-8336-5E014545E88B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E5454FF-50A2-4930-B20C-F7F640B88F10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F5B869-4CAD-4E68-AAF9-CBE7A833A221",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB9F76C-D145-4347-9A4C-1BD243AE68FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5A01E8E-3D78-4BC3-9C02-CB03FA957C30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1D4063-E0DC-4046-9B2A-ED845CE9A0E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9731E97D-9B2A-4763-9D7C-0B0294C4648E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "32108513-D91F-4C99-8EE7-26B1D6C0C295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A71447D-53DF-4CA4-924C-2A7FDFE896C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "587AD4C8-F4B4-4E37-A477-0C29933EF47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2B3061-DA23-4242-98FF-B0C7BFA3AB57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A72F8D32-9DA4-4EC5-A90B-D1E7D5D7AADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A59E7EB-2492-4F57-B2DE-5E87BE66D361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E3DD0D4-1A89-40C5-8DE9-DE618DA20ED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "D70F1AEB-6978-4F52-899C-0995FE51F779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "59CCC790-E71E-4CCD-AAF5-D7860C8E5190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD56A050-563D-4FB4-9B89-BADFD62ED3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DE88E2D-FC71-47F8-9BB5-189BFC9D7365",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BD3C01B-2C0C-4FF4-92CC-9495D26CA80C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9822472D-99A3-48E5-A96A-5B9A2B60F0BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53362DF-1BC0-4816-8C0A-E27852DD3AE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A966144-3BD4-4CB8-9FDC-C4028819910E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6907EC5-A0D0-448B-9B67-E1EA99700A07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E0B777F-0870-4B2F-A809-9B232709B892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "050439CC-D269-4AF2-96D5-3A9D4FA6D5F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F24A9D1-B4C8-4216-9AD5-61572A550185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ADDA4F6-BCD7-45A7-B46F-132F31E06B7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "391EF94E-1315-4078-9404-28A426AA2687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:darren_reed:ipfilter:3.4.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA6C86A1-2D96-487E-A494-FC80FC5E7857",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."
    }
  ],
  "id": "CVE-2002-1978",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1005442"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.iss.net/security_center/static/10409.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/328867"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/6010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1005442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.iss.net/security_center/static/10409.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/328867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/6010"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.