Linux Kernel 2.0.18/2.2.18 IP Masquerading ip_masq_ir privileges management
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.1 | $0-$5k | 0.00 |
A vulnerability classified as critical has been found in Linux Kernel 2.0.18/2.2.18 (Operating System). Affected is the function ip_masq_ir of the component IP Masquerading Handler. The manipulation with an unknown input leads to a privileges management vulnerability. CWE is classifying the issue as CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request.
The weakness was published 07/31/2001 by Michal Zalewski (Website). The advisory is shared for download at razor.bindview.com. This vulnerability is traded as CVE-2001-1056. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1068.
After immediately, there has been an exploit disclosed.
It is possible to mitigate the weakness by firewalling 6667.
The vulnerability is also documented in the vulnerability database at X-Force (6923).
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.3VulDB Meta Temp Score: 7.1
VulDB Base Score: 7.3
VulDB Temp Score: 7.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Privileges managementCWE: CWE-269 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: FirewallStatus: 🔍
Exploit Delay Time: 🔍
Firewalling: 🔍
Timeline
07/30/2001 🔍07/30/2001 🔍
07/31/2001 🔍
07/31/2001 🔍
02/21/2003 🔍
07/07/2014 🔍
04/13/2019 🔍
Sources
Vendor: kernel.orgAdvisory: razor.bindview.com
Researcher: Michal Zalewski
Status: Not defined
CVE: CVE-2001-1056 (🔍)
X-Force: 6923
SecurityFocus: 3117 - Linux IRC IP Masquerading Module Arbitrary Firewall Rule Insertion Vulnerability
OSVDB: 1916 - Linux IRC IP Masquerading Module Firewall Bypass
Entry
Created: 07/07/2014 16:51Updated: 04/13/2019 17:06
Changes: 07/07/2014 16:51 (55), 04/13/2019 17:06 (5)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.