CVE-2001-0402
IPFilter < 3.4.16 - Remote Access Restriction Bypass via Fragmented Packets
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0402. PoCs published by Thomas Lopatic.
AI-analyzed exploit summary This exploit demonstrates a fragmentation vulnerability in IPFilter, allowing an attacker to bypass firewall rules by manipulating IP fragment caching. It modifies fragrouter 1.6 to send crafted fragments that exploit the decision cache, enabling communication with blocked ports.
Description
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Exploits (1)
This exploit demonstrates a fragmentation vulnerability in IPFilter, allowing an attacker to bypass firewall rules by manipulating IP fragment caching. It modifies fragrouter 1.6 to send crafted fragments that exploit the decision cache, enabling communication with blocked ports.