CVE-2001-1387 Information

Description

iptables-save in iptables before 1.2.4 records the --reject-with icmp-host-prohibited\ rule as --reject-with tcp-reset\ which causes iptables to generate different responses than specified by the administrator possibly leading to an information leak.

Reference

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=50500 http://rhn.redhat.com/errata/RHSA-2001-144.html