Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IPFilter可用TTL字段值识别漏洞
Vulnerability Description
IPFilter是一款免费的开放源代码的防火墙程序,由Darren Reed编写,可使用在多种Unix和Linux操作系统平台下。 IPFilter在应答请求的处理上存在问题,可导致攻击者收集防火墙设置规则信息。 攻击者可以通过连接由Ipfilter过滤的TCP口提交请求,IPFilter会返回一个RST信息包,凭此可判断过滤和未过滤的端口信息。如果一个端口由Ipfilter过滤会返回TTL值设置为60的RST包,而没有过滤的由操作系统返回的是带有默认TTL值的RST包。
CVSS Information
N/A
Vulnerability Type
N/A