Advisories:rPSA-2006-0079

From rPath Wiki

rPath Security Advisory 2006-0079-1

Published: 2006-05-23

Products

• rPath Linux 1

Rating

Major

Exposure Level Classification

Remote Deterministic Denial of Service

Updated Versions

• kernel=conary.rpath.com@rpl:1/2.6.16.18-1-0.1

rPath Issue Tracking System

• RPL-379

References

• CVE-2006-0039
• CVE-2006-1857
• CVE-2006-1858
• CVE-2006-2444

Description

Two remote denial of service vulnerabilities have been discovered

in the Linux kernel SCTP implementation, and a remote denial of

service vulnerability has been discovered in the ip_nat_snmp_basic

module. Neither SCTP nor ip_nat_snmp_basic is configured in a

default installation of rPath Linux; a system must be explicitly

configured to use the SCTP protocol or the ip_nat_snmp_basic

netfilter module to be subject to any of these vulnerabilities.

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html