CVE-2001-0405

IPTables <2.4 - Open Redirect

Title source: llm

Description

ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cristiano Lincoln Mattos · perlremotelinux

https://www.exploit-db.com/exploits/20765

View Code ZIP pw:eip

References (6)

[Exploit, Patch, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2001-04/0271.html

[Various Sources] http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-071.php3

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-052.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2001-084.html

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/2602

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6390

Scores

EPSS 0.1430

EPSS Percentile 94.3%

Classification

Status draft

Affected Products (5)

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

Timeline

Published Jul 02, 2001

Tracked Since Feb 18, 2026