CVE-2001-0402

IPFilter < 3.4.16 - Remote Access Restriction Bypass via Fragmented Packets

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0402. PoCs published by Thomas Lopatic.

AI-analyzed exploit summary This exploit demonstrates a fragmentation vulnerability in IPFilter, allowing an attacker to bypass firewall rules by manipulating IP fragment caching. It modifies fragrouter 1.6 to send crafted fragments that exploit the decision cache, enabling communication with blocked ports.

Description

IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Thomas Lopatic · textremoteunix
https://www.exploit-db.com/exploits/20730

This exploit demonstrates a fragmentation vulnerability in IPFilter, allowing an attacker to bypass firewall rules by manipulating IP fragment caching. It modifies fragrouter 1.6 to send crafted fragments that exploit the decision cache, enabling communication with blocked ports.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: IPFilter (various Unix systems)
No auth needed
Prerequisites: Access to fragrouter 1.6 · Network access to the target IPFilter firewall
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Patch, Vendor Advisory vendor-advisory x_refsource_freebsd
http://archives.neohapsis.com/archives/freebsd/2001-04/0338.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6331
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=98679734015538&w=2

Scores

EPSS 0.0244
EPSS Percentile 82.4%

Details

Status published
Products (3)
darren_reed/ipfilter < 3.4.16
freebsd/freebsd < 4.1
openbsd/openbsd 2.8
Published Jun 18, 2001
Tracked Since Feb 18, 2026