CVE-2003-0785

{"id": "CVE-2003-0785", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2003-10-06T04:00:00.000", "references": [{"url": "http://www.debian.org/security/2003/dsa-389", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering."}, {"lang": "es", "value": "ipmasq anteriores a 3.5.12, en ciertas configuraciones, puede manda paquetes al interfaz externo incluso si los paquetes no est\u00e1n asociados con una conexi\u00f3n establecida, lo que podr\u00eda permitir a atacantes remotos saltarse el filtrado pretendido."}], "lastModified": "2008-09-10T19:20:26.023", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:brian_bassett:ipmasq:3.5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5F71562-EFEC-485A-9517-FACEA69F8CDA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}