TCP/IP SYN+FIN Packet Filtering Weakness

This script is Copyright (C) 2003-2012 Tenable Network Security, Inc.


Synopsis :

It may be possible to bypass firewall rules.

Description :

The remote host does not discard TCP SYN packets that have
the FIN flag set.

Depending on the kind of firewall you are using, an attacker
may use this flaw to bypass its rules.

See also :

http://archives.neohapsis.com/archives/bugtraq/2002-10/0266.html

Solution :

Contact your vendor for a patch.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 11618 ()

Bugtraq ID: 7487

CVE ID: