CVE-2001-0405

IPTables <2.4 - Open Redirect

Title source: llm

Description

ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cristiano Lincoln Mattos · perlremotelinux

https://www.exploit-db.com/exploits/20765

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-084.html

[Exploit, Patch, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-052.html

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/2602

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6390

[Various Sources] http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-071.php3

Scores

EPSS 0.1430

EPSS Percentile 94.4%

Details

Status published

Products (4)

linux/linux_kernel 2.4.0 (2 CPE variants)

linux/linux_kernel 2.4.1

linux/linux_kernel 2.4.2

linux/linux_kernel 2.4.3

Published Jul 02, 2001

Tracked Since Feb 18, 2026