CVE-1999-1018

Linux kernel <2.2.10 - Info Disclosure

Title source: llm

Description

IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Michal Zalewski · cdoslinux

https://www.exploit-db.com/exploits/19301

View Code ZIP pw:eip

References (2)

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/543

[Mailing List] http://marc.info/?l=bugtraq&m=93312523904591&w=2

Scores

EPSS 0.0323

EPSS Percentile 87.1%

Details

Status published

Products (2)

linux/linux_kernel 2.2.0

linux/linux_kernel < 2.2.10

Published Jul 27, 1999

Tracked Since Feb 18, 2026