VULHUB ™

The Linux Kernel is the core of all Linux operating systems. It is developed and maintained by public domain. It is possible for a remote user to discover ports on a firewall that are mapped to systems behind the firewall via NAT. By sending a TCP packet to a port on a system with a TTL less than the total amount of hops to the firewall, when the packet is routed to the host via NAT, a ICMP TTL Expired response will be generated. This response, generated by the host at the end of the NAT rule, will not be translated by the NAT system.

The Linux Kernel is the core of all Linux operating systems. It is developed and maintained by public domain. It is possible for a remote user to discover ports on a firewall that are mapped to systems behind the firewall via NAT. By sending a TCP packet to a port on a system with a TTL less than the total amount of hops to the firewall, when the packet is routed to the host via NAT, a ICMP TTL Expired response will be generated. This response, generated by the host at the end of the NAT rule, will not be translated by the NAT system.