Description
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Aragon Gouveia · textremotefreebsd
https://www.exploit-db.com/exploits/20593
References (6)
Core 6
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2293
Third Party Advisory, US Government Resource third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/l-029.shtml
Various Sources mailing-list
x_refsource_bugtraq
http://www.security-express.com/archives/bugtraq/2001-01/0424.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5998
Patch, Vendor Advisory vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:08.ipfw.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/1743
Scores
EPSS
0.0891
EPSS Percentile
92.7%
Details
Status
published
Products (10)
freebsd/freebsd
3.0
freebsd/freebsd
3.1
freebsd/freebsd
3.3
freebsd/freebsd
3.4
freebsd/freebsd
3.5
freebsd/freebsd
3.5.1
freebsd/freebsd
4.0 (2 CPE variants)
freebsd/freebsd
4.1
freebsd/freebsd
4.1.1
freebsd/freebsd
4.2
Published
Mar 26, 2001
Tracked Since
Feb 18, 2026