发布时间 :2003-10-06 00:00:00
修订时间 :2008-09-10 15:20:26

[原文]ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering.


        ipmasq是一款Linux IP伪装工具,允许多个主机共享单个公共IP地址。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源

- 漏洞信息

高危 配置错误
2003-10-06 00:00:00 2005-10-20 00:00:00
        ipmasq是一款Linux IP伪装工具,允许多个主机共享单个公共IP地址。

- 公告与补丁


- 漏洞信息 (F31686)

DSA-389-1 (PacketStormID:F31686)
2003-09-23 00:00:00

Debian Security Advisory DSA 389-1 - ipmasq below version 3.5.12 creates improper filtering rules that will allow traffic on an external interface to route to an internal host via forwarding.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 389-1                                        Matt Zimmerman
September 20th, 2003          
- --------------------------------------------------------------------------

Package        : ipmasq
Vulnerability  : insecure packet filtering rules
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0785

ipmasq is a package which simplifies configuration of Linux IP
masquerading, a form of network address translation which allows a
number of hosts to share a single public IP address.  Due to use of
certain improper filtering rules, traffic arriving on the external
interface addressed for an internal host would be forwarded,
regardless of whether it was associated with an established
connection.  This vulnerability could be exploited by an attacker
capable of forwarding IP traffic with an arbitrary destination address
to the external interface of a system with ipmasq installed.

For the current stable distribution (woody) this problem has been
fixed in version 3.5.10c.

For the unstable distribution (sid) this problem has been fixed in
version 3.5.12.

We recommend that you update your ipmasq package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      502 f5f259d819d47b687c3da42d931b1404
      Size/MD5 checksum:    30656 e9a9a1f86bd88dcceaeba900698165bb

  Architecture independent components:
      Size/MD5 checksum:    47748 199a747d5c48c145cf34772f26cbba4d

  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>
Version: GnuPG v1.2.3 (GNU/Linux)


- 漏洞信息

ipmasq External Interface Packet Forward Restriction Bypass

- 漏洞描述

Unknown or Incomplete

- 时间线

2003-08-20 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

ipmasq Incorrect Packet Forwarding Default Ruleset Vulnerability
Configuration Error 8664
Yes No
2003-09-20 12:00:00 2009-07-11 11:56:00
The disclosure of this issue has been credited to the vendor.

- 受影响的程序版本

Brian Bassett ipmasq 3.5.10
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0

- 漏洞讨论

Debian has reported that the firewall rules configured by ipmasq may result in incorrect forwarding of traffic on the gateway host. According to the report, any traffic destined for internal hosts arriving at the external interface of the gateway will be forwarded to the destination host on the internal network regardless of whether the packet can be associated with an established connection or not. This behavior is incorrect and may result in attackers gaining unauthorized access to internal and potentially more vulnerable hosts.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: &lt;;.

- 解决方案

Debian has issued fixes, listed in advisory DSA-389-1. See the reference section.

Brian Bassett ipmasq 3.5.10

- 相关参考