A vulnerability in the packet filter may allow attackers to evade certain rules when SYN cookies are in use. When connection requests are processed in SYN-flood protection mode, filter rules for TCP packets with the SYN flag set (connection requests) are not properly enforced. An attacker who can guess a valid SYN cookie response may be able to access services that are otherwise filtered for all connection requests.
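A simplified model of the flaw described above, added here as an illustration and not code from the affected packet filter: it contrasts a filter whose SYN-only rule never sees the cookie-completing ACK with one that re-applies the SYN rules before accepting. The cookie construction, rule set, packet fields and function names are all assumptions made for the example.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"   # per-host cookie secret (constructed)
BLOCKED_SYN_PORTS = {23}              # hypothetical rule: drop SYNs to port 23

def make_cookie(src, sport, dport):
    """Toy SYN cookie: keyed hash of the connection tuple, truncated to 32 bits."""
    msg = f"{src}:{sport}:{dport}".encode()
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:4], "big")

def syn_rule_allows(pkt):
    """The filter rule in this scenario: it matches only packets with SYN set."""
    return not ("SYN" in pkt["flags"] and pkt["dport"] in BLOCKED_SYN_PORTS)

def cookie_valid(pkt):
    """True for a bare ACK whose cookie matches the one issued for its tuple."""
    expected = make_cookie(pkt["src"], pkt["sport"], pkt["dport"])
    return pkt["flags"] == {"ACK"} and pkt.get("cookie") == expected

def accept_flawed(pkt):
    """Flawed: the ACK is filtered as-is, so the SYN rule never matches it."""
    if not syn_rule_allows(pkt):
        return False
    return cookie_valid(pkt)

def accept_enforcing(pkt):
    """Corrected: rebuild the SYN the ACK stands for and run the SYN rules on it."""
    if not cookie_valid(pkt):
        return False
    implied_syn = dict(pkt, flags={"SYN"})
    return syn_rule_allows(implied_syn)

def demo():
    # Constructed packets: final ACKs of a handshake, each carrying a valid cookie.
    to_blocked = {"src": "192.0.2.10", "sport": 40000, "dport": 23, "flags": {"ACK"}}
    to_blocked["cookie"] = make_cookie("192.0.2.10", 40000, 23)
    to_open = {"src": "192.0.2.10", "sport": 40001, "dport": 80, "flags": {"ACK"}}
    to_open["cookie"] = make_cookie("192.0.2.10", 40001, 80)
    return {
        "flawed_blocked_port": accept_flawed(to_blocked),
        "enforcing_blocked_port": accept_enforcing(to_blocked),
        "enforcing_open_port": accept_enforcing(to_open),
    }

if __name__ == "__main__":
    print(demo())
```

The same check is useful when auditing a rule set: any rule that depends on the SYN flag should also be evaluated at the point where a SYN cookie is accepted.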