Linux IPTables/Netfilter NAT SACK mangle DoS

2003-08-02T09:34:17
ID OSVDB:2364
Type osvdb
Reporter OSVDB
Modified 2003-08-02T09:34:17

Description

Vulnerability Description

The netfilter module of the Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered when Network Address Translation (NAT) is enabled, and either the ip_nat_ftp or ip_nat_irc modules have been loaded or CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC are enabled. This will result in loss of availability for the platform.

Solution Description

Upgrade to version 2.4.21 of the Linux kernel or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by disabling NAT, disabling the affected protocol modules, or applying the vendor supplied patch.

Short Description

The netfilter module of the Linux kernel contains a flaw that may allow a remote denial of service. The issue is triggered when Network Address Translation (NAT) is enabled, and either the ip_nat_ftp or ip_nat_irc modules have been loaded or CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC are enabled. This will result in loss of availability for the platform.

References:

Secunia Advisory ID:9429 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-08/0015.html ISS X-Force ID: 12806 CVE-2003-0467 Bugtraq ID: 8330