Lucene search
SuseSUSE-SA:2004:037HistoryOct 21, 2004 - 7:52 a.m.
remote denial of service in kernel
2004-10-2107:52:50
lists.opensuse.org
21
0.061 Low
EPSS
Percentile
92.8%
An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled.
Solution
If you are not using an iptables based firewall (like SUSEfirewall2) on your system, you are not affected. If you are using a firewall, a workaround is to disable firewall logging of IP and TCP options. We recommend to update the kernel.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 9.1 | i586 | kernel-bigsmp | < 2.6.5-7.111 | kernel-bigsmp-2.6.5-7.111.i586.rpm |
| openSUSE | 9.1 | i586 | kernel-smp | < 2.6.5-7.111 | kernel-smp-2.6.5-7.111.i586.rpm |
| openSUSE | 9.1 | x86_64 | kernel-smp | < 2.6.5-7.111 | kernel-smp-2.6.5-7.111.x86_64.rpm |
| openSUSE | 9.1 | x86_64 | kernel-default | < 2.6.5-7.111 | kernel-default-2.6.5-7.111.x86_64.rpm |
| openSUSE | 9.1 | i586 | kernel-default | < 2.6.5-7.111 | kernel-default-2.6.5-7.111.i586.rpm |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200412-02 (PDFlib)
2008-09-24 00:00:00
Slackware Advisory SSA:2004-305-02 libtiff
2012-09-11 00:00:00
Gentoo Security Advisory GLSA 200412-17 (kfax)
2008-09-24 00:00:00
cert
cert
LibTIFF contains multiple heap-based buffer overflows
2004-12-01 00:00:00
LibTIFF contains multiple integer overflows
2004-12-01 00:00:00
LibTIFF vulnerable to denial-of-service condition
2004-12-01 00:00:00
slackware
slackware
[slackware-security] libtiff
2004-11-01 08:00:50
gentoo
gentoo
kfax: Multiple overflows in the included TIFF library
2004-12-19 00:00:00
PDFlib: Multiple overflows in the included TIFF library
2004-12-05 00:00:00
tiff: Buffer overflows in image decoding
2004-10-13 00:00:00
securityvulns
securityvulns
KDE Security Advisory: kfax libtiff vulnerabilities
2004-12-10 00:00:00
MDKSA-2004:111 - Updated wxGTK2 packages fix vulnerabilities
2004-10-22 00:00:00
nessus
nessus
Debian DSA-567-1 : tiff - heap overflows
2004-11-10 00:00:00
GLSA-200412-17 : kfax: Multiple overflows in the included TIFF library
2004-12-20 00:00:00
Slackware 10.0 / 8.1 / 9.0 / 9.1 / current : libtiff (SSA:2004-305-02)
2005-07-13 00:00:00
debian
debian
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
2004-10-15 17:51:16
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
2004-10-15 00:00:00
[SECURITY] [DSA 571-1] New libpng3 packages fix several vulnerabilities
2004-10-20 17:01:10
osv
osv
tiff - heap overflows
2004-10-15 00:00:00
cyrus-sasl-mit - unsanitised input
2004-10-16 00:00:00
cyrus-sasl - unsanitised input
2004-10-14 00:00:00
redhat
redhat
(RHSA-2004:577) libtiff security update
2004-10-22 00:00:00
(RHSA-2005:021) kdegraphics security update
2005-04-12 00:00:00
(RHSA-2005:354) tetex security update
2005-04-01 00:00:00
centos
centos
tetex security update
2005-04-01 21:29:55
kdegraphics security update
2005-04-12 23:05:10
kdegraphics security update
2005-04-12 16:01:20
ubuntu
ubuntu
PNG library vulnerabilities
2004-10-23 00:00:00
suse
suse
local privilege escalation in libtiff
2004-10-22 14:52:41
seebug
seebug
Linux Kernel 2.6.x Firewall Logging Rules Remote DoS Exploit
2008-07-07 00:00:00
Linux Kernel 2.6.x IPTables Logging Rules Integer Underflow Vulnerability
2014-07-01 00:00:00
cve
cve
exploitpack
exploitpack
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote (PoC)
2004-11-21 00:00:00
debiancve
debiancve
ubuntucve
ubuntucve
freebsd
freebsd
tiff -- multiple integer overflows
2004-10-13 00:00:00
cyrus-sasl -- dynamic library loading and set-user-ID applications
2004-09-22 00:00:00
tiff -- RLE decoder heap overflows
2004-10-13 00:00:00
exploitdb
exploitdb
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote (PoC)
2004-11-21 00:00:00