[USN-395-1] Linux kernel vulnerabilities
Chuck Peters
cp at ccil.org
Thu Dec 14 20:07:06 UTC 2006
On 12/13/06, Martin Pitt <martin.pitt at canonical.com> wrote:
> ===========================================================
> Ubuntu Security Notice USN-395-1 December 13, 2006
===========================================================
> Details follow:
>
> Mark Dowd discovered that the netfilter iptables module did not
> correcly handle fragmented packets. By sending specially crafted
> packets, a remote attacker could exploit this to bypass firewall
> rules. This has only be fixed for Ubuntu 6.10; the corresponding fix
> for Ubuntu 5.10 and 6.06 will follow soon. (CVE-2006-4572)
Any ETA or suggested work arounds for dapper users?
Thanks,
Chuck
More information about the ubuntu-users
mailing list