#VU92873 Security restrictions bypass in Linux kernel - CVE-2006-4572

Cybersecurity Help s.r.o.

Published: 2006-11-07 | Updated: 2023-02-13

Vulnerability identifier: #VU92873

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2006-4572

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka 'ip6_tables protocol bypass bug;' and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka 'ip6_tables extension header bypass bug.'

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html
https://secunia.com/advisories/22731
https://secunia.com/advisories/22762
https://www.securityfocus.com/bid/20955
https://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572
https://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31
https://www.ubuntu.com/usn/usn-395-1
https://secunia.com/advisories/23384
https://www.novell.com/linux/security/advisories/2006_79_kernel.html
https://www.ubuntu.com/usn/usn-416-1
https://secunia.com/advisories/24098
https://www.securityfocus.com/archive/1/471457
https://www.mandriva.com/security/advisories?name=MDKSA-2006:197
https://secunia.com/advisories/25691
https://secunia.com/advisories/23474
https://www.vupen.com/english/advisories/2006/4386
https://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=0ddfcc96928145d6a6425fdd26dad6abfe7f891d
https://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Security restrictions bypass in Linux kernel