Vulnerability Bulletins |
Vulnerabilidad en el módulo netfilter del Kernel de Linux |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Aumento de la visibilidad |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | GNU/Linux |
| Affected software | Netfilter IPv6 |
Description |
|
|
Se ha descubierto una vulnerabilidad en el módulo netfilter de IPv6. La vulnerabilidad reside en un error al manejar ciertas cabeceras IP en paquetes fragmentados. Un atacante remoto podría aumentar su visibilidad evadiendo las reglas de iptables. |
|
Solution |
|
|
Actualización de software Mandriva Mandriva Linux 2007 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-enterprise-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-legacy-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-source-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-source-stripped-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-xen0-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/kernel-xenU-2.6.17.6mdv-1-1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/kernel-2.6.17.6mdv-1-1mdv2007.0.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/kernel-2.6.17.6mdv-1-1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/kernel-source-2.6.17.6mdv-1-1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/kernel-source-stripped-2.6.17.6mdv-1-1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/kernel-xen0-2.6.17.6mdv-1-1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/kernel-xenU-2.6.17.6mdv-1-1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/kernel-2.6.17.6mdv-1-1mdv2007.0.src.rpm Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2006-4572 |
| BID | |
Other resources |
|
|
Mandriva Security Advisory (MDKSA-2006:197) http://www.mandriva.com/security/advisories?name=MDKSA-2006:197 SUSE Security Advisory (SUSE-SA:2006:079) http://www.novell.com/linux/security/advisories/2006_79_kernel.html |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2006-11-06 |
| 1.1 | Aviso emitido por Suse (SUSE-SA:2006:079) | 2006-12-28 |