CVE-2003-0080 - The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD

CVE-2003-0080

Summary

The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled.

References

http://www.osvdb.org/4400
http://www.redhat.com/support/errata/RHSA-2003-072.html
http://www.securityfocus.com/bid/7128
https://exchange.xforce.ibmcloud.com/vulnerabilities/11552

Vulnerable Configurations

cpe:2.3:a:gnome:gnome-lokkit:0.50_21:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-lokkit:0.50_21:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa

id	RHSA-2003:072

refmap via4

bid	7128
osvdb	4400
xf	gnomelokkit-forward-bypass-firewall(11552)

Last major update

11-07-2017 - 01:29

Published

31-03-2003 - 05:00

Last modified

11-07-2017 - 01:29