CVE-2005-0449

EPSS 2.27%
Veröffentlicht 02.05.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 21

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version2.6.0

Linux ≫ Linux Kernel Version2.6.1

Linux ≫ Linux Kernel Version2.6.2

Linux ≫ Linux Kernel Version2.6.3

Linux ≫ Linux Kernel Version2.6.4

Linux ≫ Linux Kernel Version2.6.5

Linux ≫ Linux Kernel Version2.6.6

Linux ≫ Linux Kernel Version2.6.7

Linux ≫ Linux Kernel Version2.6.8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.27%	0.831

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.redhat.com/support/errata/RHSA-2005-293.html

http://www.redhat.com/support/errata/RHSA-2005-283.html

Patch

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:218

http://www.novell.com/linux/security/advisories/2005_18_kernel.html

Patch

Vendor Advisory

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532

ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U

http://secunia.com/advisories/19607

Vendor Advisory