CVE - CVE-2006-4572

CVE-ID
CVE-2006-4572	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20070615 rPSA-2007-0124-1 kernel xen URL:http://www.securityfocus.com/archive/1/471457 MLIST:[linux-kernel] 20061105 Linux 2.6.16.31-rc1 URL:http://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html CONFIRM:http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572 CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d CONFIRM:http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19 CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31 MANDRIVA:MDKSA-2006:197 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:197 SUSE:SUSE-SA:2006:079 URL:http://www.novell.com/linux/security/advisories/2006_79_kernel.html UBUNTU:USN-395-1 URL:http://www.ubuntu.com/usn/usn-395-1 UBUNTU:USN-416-1 URL:http://www.ubuntu.com/usn/usn-416-1 BID:20955 URL:http://www.securityfocus.com/bid/20955 VUPEN:ADV-2006-4386 URL:http://www.vupen.com/english/advisories/2006/4386 SECUNIA:22731 URL:http://secunia.com/advisories/22731 SECUNIA:22762 URL:http://secunia.com/advisories/22762 SECUNIA:23384 URL:http://secunia.com/advisories/23384 SECUNIA:24098 URL:http://secunia.com/advisories/24098 SECUNIA:25691 URL:http://secunia.com/advisories/25691 SECUNIA:23474 URL:http://secunia.com/advisories/23474
Assigning CNA
N/A
Date Entry Created
20060906	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060906)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Common Vulnerabilities and Exposures

CVE-2006-4572