IPFilter 3.4.16 and previous versions does not include sufficient session information in its cache, which allows remote malicious users to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
darren reed ipfilter |
||
freebsd freebsd |
||
openbsd openbsd 2.8 |