Linux IRC IP Masquerading Module Arbitrary Firewall Rule Insertion Vulnerability

The Linux 'ip_masq_irc' IP masquerading module is used to inspect IRC protocol data and interpret DCC file transfer requests. The module dynamically opens and maps ports for IRC data transfers.

The module contains a vulnerability that may allow a remote attacker to insert malicious rules into the firewall. This could allow an attacker to create a condition where a connection can be established to any host and port behind the firewall, bypassing its rules.


 

Privacy Statement
Copyright 2010, SecurityFocus