CVE-2002-0704

HIGH

Netfilter <1.2.6a - Info Disclosure

Title source: llm

Description

The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.

References (6)

[Mailing List] http://marc.info/?l=bugtraq&m=102088521517722&w=2

[Broken Link, Third Party Advisory, VDB Entry] http://online.securityfocus.com/advisories/4116

[Broken Link, Patch, Vendor Advisory] http://www.iss.net/security_center/static/9043.php

[Broken Link] http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-030.php

[Broken Link, Patch, Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2002-086.html

[Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/bid/4699

Scores

CVSS v3 7.5

EPSS 0.0108

EPSS Percentile 77.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-212

Status draft

Affected Products (7)

linux/linux_kernel < 2.4.18

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

Timeline

Published Jul 26, 2002

Tracked Since Feb 18, 2026