iptables Module Loading Failure

2004-11-01T01:51:48
ID OSVDB:11351
Type osvdb
Reporter Faheem Mitha
Modified 2004-11-01T01:51:48

Description

Vulnerability Description

iptables contains a flaw that may allow a malicious user to bypass firewall rules. The issue is triggered when iptables fails to load required modules in iptables.c and ip6tables.c under certain configurations. The flaw may prevent the firewall rules from being applied without notifying the victim of the problem, resulting in a loss of integrity.

Solution Description

An official iptables patch has not been released, although many Linux distributions are providing their own upgrades. An upgrade is required, as there are no known workarounds.

References:

Vendor URL: http://www.netfilter.org/
Security Tracker: 1012025
Secunia Advisory ID: 13096
Secunia Advisory ID: 14246
Secunia Advisory ID: 13061
Secunia Advisory ID: 13345
Secunia Advisory ID: 13354
Other Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-81-1
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:125
Other Advisory URL: http://www.securityfocus.com/advisories/7417
Other Advisory URL: http://www.suse.de/de/security/2004_02_sr.html
ISS X-Force ID: 17928
CVE-2004-0986
CIAC Advisory: p-026
Bugtraq ID: 11570