Improper authentication in Linux kernel

1) Improper authentication

EUVDB-ID: #VU95682

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2002-2438

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.

Mitigation

Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

CPE2.3

External links

http://www.openwall.com/lists/oss-security/2012/05/30/11
http://www.kb.cert.org/vuls/id/464113
http://www.openwall.com/lists/oss-security/2012/05/29/8
http://www.openwall.com/lists/oss-security/2012/02/03/7
http://www.openwall.com/lists/oss-security/2012/02/03/7
http://www.openwall.com/lists/oss-security/2012/05/30/9
http://www.openwall.com/lists/oss-security/2014/02/12/8
http://www.openwall.com/lists/oss-security/2012/05/30/8
http://www.openwall.com/lists/oss-security/2012/05/30/12
http://www.openwall.com/lists/oss-security/2012/05/30/13
http://www.openwall.com/lists/oss-security/2012/05/30/4
http://www.openwall.com/lists/oss-security/2012/05/31/3
http://www.openwall.com/lists/oss-security/2012/05/30/2
http://security.netapp.com/advisory/ntap-20210727-0003/
http://bugzilla.suse.com/show_bug.cgi?id=744994%2C
http://www.kb.cert.org/vuls/id/464113%2C

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.