Novell Home

CVE-2007-1497

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2007-1497 at MITRE

Description

nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Novell/SUSE information

Novell Bugzilla entries: 268298, 270460

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • Intel-536ep >= 4.69-0.2
  • kernel-bigsmp >= 2.6.13-15.16
  • kernel-bigsmp-nongpl >= 2.6.13-15.16
  • kernel-default >= 2.6.13-15.16
  • kernel-default-nongpl >= 2.6.13-15.16
  • kernel-iseries64 >= 2.6.13-15.16
  • kernel-ppc64 >= 2.6.13-15.16
  • kernel-smp >= 2.6.13-15.16
  • kernel-smp-nongpl >= 2.6.13-15.16
  • kernel-source >= 2.6.13-15.16
  • kernel-syms >= 2.6.13-15.16
  • kernel-um >= 2.6.13-15.16
  • kernel-um-nongpl >= 2.6.13-15.16
  • kernel-xen >= 2.6.13-15.16
  • kernel-xen-nongpl >= 2.6.13-15.16
  • um-host-kernel >= 2.6.13-15.16

© 2014 Novell