Notified: April 23, 2001 Updated: July 12, 2001
Not Affected
Apple Mac OS X does not use IP Masquerading and is not susceptible to this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 12, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 12, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: April 03, 2002
Not Affected
We now have confirmed our original response that HP's IPFilter/9000 is NOT vulnerable to this security hole. HP's IPFilter/9000 is not in the core OS. So filtering and nat functionality is not part of the TCP/IP streams stack.
The vendor has not provided us with any further information regarding this vulnerability.
Hewlett Packard has reported that HP Secure OS Software for Linux (Trusted Linux) is not vulnerable since it is based on the 2.4 kernel.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: April 03, 2002
Affected
Conectiva released Conectiva Linux Security Announcement CLSA-2000:72 (Portuguese) on 2000-06-08.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 12, 2001
Not Affected
Solaris does not have this functionality and isn't vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: April 02, 2002
Affected
-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: kernel < 2.2.15
Date: Wed, 17 May 2000 18:24:50 GMT Affected SuSE versions: 6.1 - 6.4
Vulnerability Type: bypass ipchains filter rules
denial of service
SuSE default package: yes
Other affected systems: all linux versions using kernel 2.2.x and
several stateful firewall packages A security hole was discovered in the package mentioned above. Please update as soon as possible or disable the service if you are using
this software on your SuSE Linux installation(s). Other Linux distributions or operating systems might be affected as
well, please contact your vendor for information about this issue. Please note that we provide this information on an "as-is" basis only. There is no warranty whatsoever and no liability for any direct, indirect or
incidental damage arising from this information or the installation of
the update package. 1. Problem Description The masquerading feature in the Linux kernel has got a vulnerability in
the udp and ftp masquerading code which allows arbitary backward
connections to be opened. Some denial of service were found. 2. Impact Remote users may bypass ipchains filter rules protecting the internal
network. Users can crash the machine. 3. Solution Update the package from our FTP server. Please note that we provide a patched 2.2.14 kernel to ensure stability
and not the 2.2.15 kernel. Please verify these md5 checksums of the updates before installing: (NOTE: the 6.4 updates fit 6.1 to 6.3 as well) 765e268875a7716f681c14389a1c9b9b ftp://ftp.suse.com/pub/suse/i386/update/6.4/kernel/k_deflt.rpm
be6ee213f0cafd4dac5c51a2a8d100f0 ftp://ftp.suse.com/pub/suse/i386/update/6.4/kernel/k_eide.rpm
b900eb9f47c94df5cc15721e5f96a58e ftp://ftp.suse.com/pub/suse/i386/update/6.4/kernel/k_i386.rpm
37deca6ee856c3242a13c2a24f32fc7f ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/lx_suse-2.2.14.SuSE-24.i386.rpm You can find updates on our ftp-Server: ftp://ftp.suse.com/pub/suse/i386/update for Intel processors
ftp://ftp.suse.com/pub/suse/axp/update for Alpha processors or try the following web pages for a list of mirrors: http://www.suse.de/ftp.html
http://www.suse.com/ftp_new.html Our webpage for patches: http://www.suse.de/patches/index.html Our webpage for security announcements: http://www.suse.de/security If you want to report vulnerabilities, please contact
security@suse.de SuSE has got two free security mailing list services to which any
interested party may subscribe: suse-security@suse.com - moderated and for general/linux/SuSE
security discussions. All SuSE security
announcements are sent to this list. suse-security-announce@suse.com - SuSE's announce-only mailing list. Only SuSE's security annoucements are sent
to this list. To subscribe to the list, send a message to:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: April 02, 2002
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Based on Linux kernel source code from The Linux Kernel Archives:
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: April 23, 2001 Updated: July 16, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.