Mandrake Linux Security Advisory : shorewall (MDKSA-2005:123)

High Nessus Plugin ID 19267


The remote Mandrake Linux host is missing one or more security updates.


A vulnerability was discovered in all versions of shorewall where a client accepted by MAC address filtering is able to bypass any other rule. If MACLIST_TTL is set to a value greater than 0 or MACLIST_DISPOSITION is set to ACCEPT in shorewall.conf, and a client is positively identified through its MAC address, it bypasses all other policies and rules in place, gaining access to all open services on the firewall.

Shorewall 2.0.17 is provided which fixes this issue.


Update the affected shorewall and / or shorewall-doc packages.
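A configuration check for the two settings named in the description, as an added example that is not part of the advisory or the Nessus plugin. The function names are hypothetical and the sample config is constructed; on a real host, pass the path to shorewall.conf (typically /etc/shorewall/shorewall.conf). It inspects only these two settings, not whether MAC filtering is in use or which shorewall version is installed.

```shell
#!/bin/sh
# Added example: flag the shorewall.conf settings the advisory names.

# Print the effective value of KEY in FILE (last assignment wins, as in a
# sourced shell file); strips trailing comments, whitespace and quotes.
conf_value() {
    sed -n "s/^[[:space:]]*$1=//p" "$2" | tail -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Return 0 (and say why) if FILE has either setting from the advisory,
# 1 if neither is present, 2 if the file cannot be read.
maclist_exposure() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    ttl=$(conf_value MACLIST_TTL "$conf")
    disp=$(conf_value MACLIST_DISPOSITION "$conf")
    hit=1
    case $ttl in
        ''|*[!0-9]*) ;;                  # unset or non-numeric: not > 0
        *) if [ "$ttl" -gt 0 ]; then
               echo "MACLIST_TTL=$ttl (greater than 0)"; hit=0
           fi ;;
    esac
    if [ "$disp" = ACCEPT ]; then
        echo "MACLIST_DISPOSITION=ACCEPT"; hit=0
    fi
    return $hit
}

# Constructed sample config (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# MACLIST_TTL=0
MACLIST_DISPOSITION=REJECT
MACLIST_TTL="60"   # cache lifetime in seconds
EOF
maclist_exposure "$sample" || echo "neither setting from the advisory is present"
rm -f "$sample"
```

A hit means the host matches the configuration condition in the description; the remedy remains the package update to Shorewall 2.0.17.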

Plugin Details

Severity: High

ID: 19267

File Name: mandrake_MDKSA-2005-123.nasl

Version: $Revision: 1.15 $

Type: local

Published: 2005/07/21

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:shorewall, p-cpe:/a:mandriva:linux:shorewall-doc, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:10.1, x-cpe:/o:mandrakesoft:mandrake_linux:le2005

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2005/07/20

Reference Information

CVE: CVE-2005-2317

MDKSA: 2005:123