[原文]The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks.
Astaro Security Linux Firewall SYN-FIN Response Issue
Remote / Network Access
Loss of Confidentiality
Astaro Security Linux Firewall contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the firewall replies to SYN-FIN packets, which will disclose system version information resulting in a loss of confidentiality.
Currently, there are no known workarounds or upgrades to correct this issue. However, Astaro has released a patch to address this vulnerability.