27 Oct
2004
27 Oct
'04
21:53
----- Original Message ----- Sent: Monday, October 25, 2004 11:45 PM Subject: Vulenerabilidad kernel 2.6 + iptables
USERS OF Linux running a 2.6 series kernel and using iptables for
firewalling
have been advised to upgrade to fix a bug which could be exploited remotely to cause a denial of service. The bug, discovered by Richard Hart, does not affect the 2.4 series kernel or the later version. It is caused by an integer underflow problem in the iptables firewall logging rules. This means that a hacker could remotely crash the machine by using a specially designed IP packet. Ironically, they can only do this if a firewall is enabled in the kernel.