Multiple BSD ipfw / ip6fw ECE Bit Filtering Evasion

This script is Copyright (C) 2004-2014 Andrey I. Zakharov and John Lampe

Synopsis :

Firewalling rules may be circumvented.

Description :

The remote host seems vulnerable to a bug wherein a remote attacker
can circumvent the firewall by setting the ECE bit within the TCP
flags field. At least one firewall (ipfw) is known to exhibit this
sort of behavior.

Known vulnerable systems include all FreeBSD 3.x, 4.x, 3.5-STABLE, and

Solution :

If you are running FreeBSD 3.x, 4.x, 3.5-STABLE, 4.2-STABLE, upgrade
your firewall. If you are not running FreeBSD, contact your firewall
vendor for a patch.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 12118 (ece_flag.nasl)

Bugtraq ID: 2293

CVE ID: CVE-2001-0183
