GLSA
Moderator
Joined: 13 Jun 2003
Posts: 4074
Location: Barcelona, Spain
|
 Posted: Fri Apr 09, 2004 12:38 pm Post subject: [ GLSA 200404-10 ] iproute local Denial of Service vulnerabi |
 |
|
Gentoo Linux Security Advisory
Title: iproute local Denial of Service vulnerability (GLSA 200404-10)
Severity: low
Exploitable: local
Date: April 09, 2004
Bug(s): #34294
ID: 200404-10
Synopsis
The iproute package allows local users to cause a denial of service.
Background
iproute is a set of tools for managing linux network routing and advanced features.
Affected Packages
Package: sys-apps/iproute
Vulnerable: <= 20010824-r4
Unaffected: >= 20010824-r5
Architectures: All supported architectures
Description
It has been reported that iproute can accept spoofed messages on the kernel netlink interface from local users. This could lead to a local Denial of Service condition.
Impact
Local users could cause a Denial of Service.
Workaround
A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
Resolution
All iproute users should upgrade to version 20010824-r5 or later: | Code: | # emerge sync
# emerge -pv ">=sys-apps/iproute-20010824-r5";
# emerge ">=sys-apps/iproute-20010824-r5"; |
References
CAN-2003-0856
Last edited by GLSA on Sun May 07, 2006 4:50 pm; edited 1 time in total |
|
News & Announcements
