Back to search
CVE-2007-1497
Published: Mar 16, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:10457
vdb-entry
signature
x_refsource_OVAL
RHSA-2007:0347
vendor-advisory
x_refsource_REDHAT
USN-464-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SA:2007:043
vendor-advisory
x_refsource_SUSE
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3
x_refsource_CONFIRM
MDKSA-2007:171
vendor-advisory
x_refsource_MANDRIVA
ADV-2007-0944
vdb-entry
x_refsource_VUPEN
DSA-1289
vendor-advisory
x_refsource_DEBIAN
25288
third-party-advisory
x_refsource_SECUNIA
26620
third-party-advisory
x_refsource_SECUNIA
25228
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:196
vendor-advisory
x_refsource_MANDRIVA
25961
third-party-advisory
x_refsource_SECUNIA
24492
third-party-advisory
x_refsource_SECUNIA
25392
third-party-advisory
x_refsource_SECUNIA
33028
vdb-entry
x_refsource_OSVDB
23976
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now