CVE-2001-0405

Name of the Vulnerable Software and Affected Versions Red Hat Linux kernel versions 2.4.3

Description The issue allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out remotely.

Recommendations For Red Hat Linux kernel version 2.4.3, consider disabling the ip conntrack ftp module in the IPTables firewall as a temporary workaround until a patch is available. Restrict access to the FTP server to minimize the risk of exploitation. Avoid using the PORT command with arbitrary IP addresses and port numbers in the FTP server configuration until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.