Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Freebsd | Freebsd | 3.2 (including) | 3.2 (including) |
| Linux_kernel | Linux | * | 2.2.10 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=93277426802802\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=93277766505061\u0026w=2
- http://www.iss.net/security_center/static/7257.php
- http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
- http://www.osvdb.org/6105
- http://marc.info/?l=bugtraq\u0026m=93277426802802\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=93277766505061\u0026w=2
- http://www.iss.net/security_center/static/7257.php
- http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
- http://www.osvdb.org/6105