Family: Debian Local Security Checks --> Category: infos
[DSA389] DSA-389-1 ipmasq Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
ipmasq is a package which simplifies configuration of Linux IP
masquerading, a form of network address translation which allows a
number of hosts to share a single public IP address. Due to use of
certain improper filtering rules, traffic arriving on the external
interface addressed for an internal host would be forwarded,
regardless of whether it was associated with an established
connection. This vulnerability could be exploited by a possible hacker
capable of forwarding IP traffic with an arbitrary destination address
to the external interface of a system with ipmasq installed.
For the current stable distribution (woody) this problem has been
fixed in version 3.5.10c.
For the unstable distribution (sid) this problem has been fixed in
We recommend that you update your ipmasq package.
Solution : http://www.debian.org/security/2003/dsa-389
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.