← CVECheck
HomeVulnerabilities

CVE-2001-0402 — HIGH severity vulnerability (IPFilter 3.4.16 and earlier does not include sufficient sess)

IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.

CVE IDCVE-2001-0402
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-06-18
Last modified2026-04-16
DescriptionIPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →