Remote IP Address Exposure in Cisco Secure PIX Firewall
CVE-2000-1027

Currently unrated

Key Information:

Vendor
Cisco
Status
Pix Firewall Software
Vendor
CVE Published:
11 December 2000

Summary

A flaw in Cisco Secure PIX Firewall version 5.2(2) allows remote attackers to expose the real IP address of an FTP server. By sending an excessive number of PASV requests, an attacker can extract the actual IP address from the FTP server's response during the establishment of the passive mode connection. This vulnerability raises significant security concerns, as it enables potential attackers to map the network structure and target specific elements within the organization.

References

http://www.securityfocus.com/bid/1877
vdb-entryx_refsource_BID
http://marc.info/?l=bugtraq&m=97059440000367&w=2
mailing-listx_refsource_BUGTRAQ
http://www.osvdb.org/1623
vdb-entryx_refsource_OSVDB

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2000-1027 : Remote IP Address Exposure in Cisco Secure PIX Firewall | SecurityVulnerability.io