CVE - CVE-2006-4572

CVE-ID
CVE-2006-4572	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:20955 URL:http://www.securityfocus.com/bid/20955 BUGTRAQ:20070615 rPSA-2007-0124-1 kernel xen URL:http://www.securityfocus.com/archive/1/471457 CONFIRM:http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572 CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19 CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31 MANDRIVA:MDKSA-2006:197 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:197 MLIST:[linux-kernel] 20061105 Linux 2.6.16.31-rc1 URL:http://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html SECUNIA:22731 URL:http://secunia.com/advisories/22731 SECUNIA:22762 URL:http://secunia.com/advisories/22762 SECUNIA:23384 URL:http://secunia.com/advisories/23384 SECUNIA:23474 URL:http://secunia.com/advisories/23474 SECUNIA:24098 URL:http://secunia.com/advisories/24098 SECUNIA:25691 URL:http://secunia.com/advisories/25691 SUSE:SUSE-SA:2006:079 URL:http://www.novell.com/linux/security/advisories/2006_79_kernel.html UBUNTU:USN-395-1 URL:http://www.ubuntu.com/usn/usn-395-1 UBUNTU:USN-416-1 URL:http://www.ubuntu.com/usn/usn-416-1 VUPEN:ADV-2006-4386 URL:http://www.vupen.com/english/advisories/2006/4386
Assigning CNA
Red Hat, Inc.
Date Entry Created
20060906	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060906)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select “Other” from dropdown)