* Security vulnerability in netfilter?
@ 2004-10-22 7:52 René Gallati
0 siblings, 0 replies; only message in thread
From: René Gallati @ 2004-10-22 7:52 UTC (permalink / raw)
To: Netfilter Mailing List
Hello list,
is there any official information about this
http://www.securityfocus.com/archive/1/379010/2004-10-19/2004-10-25/0
?
Couldn't find anything on netfilter.org
quoting from the article:
"
An integer underflow problem in the iptables firewall logging rules
can allow a remote attacker to crash the machine by using a handcrafted
IP packet. This attack is only possible with firewalling enabled.
We would like to thank Richard Hart for reporting the problem.
This problem has already been fixed in the 2.6.8 upstream Linux kernel,
this update contains a backport of the fix.
Products running a 2.4 kernel are not affected.
Mitre has assigned the CVE ID CAN-2004-0816 for this problem.
"
--
C U
- -- ---- ----- -----/\/ René Gallati \/\---- ----- --- -- -
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2004-10-22 7:52 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-10-22 7:52 Security vulnerability in netfilter? René Gallati
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox