Bug 36820 - Security flaw in Linux 2.4 IPTables using FTP port
Security flaw in Linux 2.4 IPTables using FTP port
Product: Red Hat Linux
Classification: Retired
Component: kernel (Show other bugs)
i386 Linux
high Severity medium
: ---
: ---
Assigned To: Michael K. Johnson
Brock Organ
: Security
Depends On:
  Show dependency treegraph
Reported: 2001-04-20 09:13 EDT by Rob McMillin
Modified: 2007-03-26 23:43 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-04-20 10:41:52 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Rob McMillin 2001-04-20 09:13:18 EDT
From the website above:

If an attacker can establish an FTP connection passing through a Linux
2.4.x IPTables
firewall with the state options allowing "related" connections (almost 100%
do), he can insert
entries into the firewall's RELATED ruleset table allowing the FTP Server
to connect to any host and port protected by the firewalls rules, including
the firewall itself. 


You probably already have this but I can't find it as a security-level bug
in the kernel. Hope this isn't a duplicate (probably is -- this appeared on
http://www.slashdot.org as a featured story).
Comment 1 Arjan van de Ven 2001-04-20 09:19:42 EDT
This is a known issue and an advisory will be made public any time now (if it
isn't out already). It comes down to: default installs are NOT vulnerable.
Only if you change from ipchains to iptables and then select FTP NAT with the
'related' feature there is a problem. That is a "don't do that then" for now.
Comment 2 Arjan van de Ven 2001-04-26 07:41:16 EDT

has the advisory for a while now; I'm not sure why our own site doesn't show it.

Note You need to log in before you can comment on or make changes to this bug.