Main Vulnerability Database SB2003082702

SB2003082702 - Improper input validation in Linux kernel

Published: August 27, 2003

Security Bulletin ID SB2003082702

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper input validation (CVE-ID: CVE-2003-0467)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error.

Remediation

Install update from vendor's website.

References

http://marc.info/?l=bugtraq&m=105985703724758&w=2