Joined: 13 Jun 2003
Location: Barcelona, Spain
|Posted: Fri Apr 09, 2004 12:38 pm Post subject: [ GLSA 200404-10 ] iproute local Denial of Service vulnerabi
|Gentoo Linux Security Advisory
Title: iproute local Denial of Service vulnerability (GLSA 200404-10)
Date: April 09, 2004
The iproute package allows local users to cause a denial of service.
iproute is a set of tools for managing linux network routing and advanced features.
Vulnerable: <= 20010824-r4
Unaffected: >= 20010824-r5
Architectures: All supported architectures
It has been reported that iproute can accept spoofed messages on the kernel netlink interface from local users. This could lead to a local Denial of Service condition.
Local users could cause a Denial of Service.
A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
All iproute users should upgrade to version 20010824-r5 or later:
|# emerge sync
# emerge -pv ">=sys-apps/iproute-20010824-r5";
# emerge ">=sys-apps/iproute-20010824-r5";
Last edited by GLSA on Sun May 07, 2006 4:50 pm; edited 1 time in total