Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Firewall)  >   SuSE Linux Firewall Vendors:   SuSE
SuSE Linux Firewall May Give Remote Users Access to Firewall Ports Under Certain Configurations
SecurityTracker Alert ID:  1002000
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 14 2001
Impact:   Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): v1.2 and possibly earlier versions
Description:   A vulnerability was reported in the SuSE Linux Firewall that, in certain configurations, may allow remote users to access some ports on the firewall.

SuSE reported that if the FW_AUTOPROTECT_GLOBAL_SERVICES feature is enabled, the firewall may not block access to autoprotect ports from the external interface.

Impact:   A remote user may be able to access ports on the firewall.
Solution:   The vendor has released a fixed version (1.3) which is available at The official rpm release is reportedly pending.
Vendor URL: (Links to External Site)
Cause:   State error
Underlying OS:  Linux (SuSE)

Message History:   None.

 Source Message Contents

Subject:  [suse-security] SuSEfirewall2 v1.3 (security fix update)

Hi folks,

After a very long testing time version 1.3 is now available, and the first
official rpm will be availabel as well during next week!

you can find the newest version at or wait for the
official rpm release.

For everyone using older versions: you should update if you are using the
FW_AUTOPROTECT_GLOBAL_SERVICES feature, because I made a mistake which would
not block access to autoprotect ports from external - and this might result
in a security problem

	* Fixed a bug in autoprotecting ports to externals (thanks to and
	* Added special log message if internals try to access the external
	  IPs of the firewall
	* Added missing /sbin/rcSuSEfirewall2 link (thanks to

   E@mail:  Function: Security Research and Advisory
  PGP: "lynx -source | pgp -fka"
 Key fingerprint = B5 07 B6 4E 9C EF 27 EE  16 D9 70 D4 87 B5 63 6C
Private:  SuSE:

To unsubscribe, e-mail:
For additional commands, e-mail:


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC