Bug 4511 – IPChains Security Hole

Bug 4511 - IPChains Security Hole

Summary:	IPChains Security Hole

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	kernel (Show other bugs)
Sub Component:
Version:	6.0
Hardware:	All Linux

Priority	high Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Cristian Gafton
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:	Security

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	1999-08-13 10:41 EDT by pjmattal
Modified:	2008-08-01 12:22 EDT (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description pjmattal 1999-08-13 10:41:59 EDT

There is a recent security hole in the ipchains IP
forwarding mechanism that can allow arbitrary packets
through the ipchains filters if a fragment overlap tactic is
used to rewrite the address in the header. A "fragrouter"
exploit has been written which makes it particularly easy
for hackers to exploit this hole.

The patch has been incorporated into the Linux 2.2.11 kernel
as blessed/released by Linus on August 9, 1999. This kernel
(or, marginally, a patched version of the 2.2.5 kernel)
should be packaged and released ASAP!

For more information, visit:

http://www.securityfocus.com/vdb/bottom.html?vid=543

Note You need to log in before you can comment on or make changes to this bug.