• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux Kernel IRC DCC Connection Tracking Module Arbitrary Port Access Vulnerability

Bugtraq ID:	4188
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 27 2002 12:00AM
Updated:	Feb 27 2002 12:00AM
Credit:	This vulnerability was announced by Harald Welte <laforge@gnumonks.org> on February 27th, 2002.
Vulnerable:	Linux kernel 2.4.18 pre-7 Linux kernel 2.4.18 pre-6 Linux kernel 2.4.18 pre-5 Linux kernel 2.4.18 pre-4 Linux kernel 2.4.18 pre-3 Linux kernel 2.4.18 pre-2 Linux kernel 2.4.18 pre-1 Linux kernel 2.4.17 Linux kernel 2.4.16 + Sun Cobalt RaQ 550 Linux kernel 2.4.15 Linux kernel 2.4.14 Linux kernel 2.4.9 + RedHat Enterprise Linux AS 2.1 IA64 + RedHat Enterprise Linux AS 2.1 + RedHat Enterprise Linux ES 2.1 IA64 + RedHat Enterprise Linux ES 2.1 + RedHat Enterprise Linux WS 2.1 IA64 + RedHat Enterprise Linux WS 2.1 + RedHat Linux 7.2 ia64 + RedHat Linux 7.2 i386 + RedHat Linux 7.2 alpha + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alpha + Sun Linux 5.0.5 + Sun Linux 5.0.3 + Sun Linux 5.0 Linux kernel 2.4.8 + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.0
Not Vulnerable:	Linux kernel 2.4.18 pre-8 Linux kernel 2.4.18 + Astaro Security Linux 2.0 23 + Astaro Security Linux 2.0 16 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 + MandrakeSoft Linux Mandrake 8.0 + RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 + RedHat Advanced Workstation for the Itanium Processor 2.1 + RedHat Enterprise Linux AS 2.1 IA64 + RedHat Linux 8.0 + RedHat Linux 7.3 + S.u.S.E. Linux 8.1 + S.u.S.E. Linux 8.0 + S.u.S.E. Linux 7.3 + S.u.S.E. Linux 7.2 + S.u.S.E. Linux 7.1 + S.u.S.E. Linux Connectivity Server + S.u.S.E. Linux Database Server 0 + S.u.S.E. Linux Enterprise Server 8 + S.u.S.E. Linux Enterprise Server 7 + S.u.S.E. Linux Firewall on CD + S.u.S.E. Linux Office Server + S.u.S.E. Linux Openexchange Server + S.u.S.E. Linux Personal 8.2 + S.u.S.E. SuSE eMail Server 3.1 + S.u.S.E. SuSE eMail Server III + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Server 7.0 + Turbolinux Turbolinux Workstation 8.0 + Turbolinux Turbolinux Workstation 7.0