CVE-2006-4572

Severity

75%

Complexity

99%

Confidentiality

106%

ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."

ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 18 years ago

2006-11-07 00:07:00

Last updated 12 years ago

2012-03-19 04:00:00

Affected Software

Linux Kernel 2.6.0

2.6.0

Linux Kernel 2.6.1

2.6.1

Linux Kernel 2.6.1 Release Candidate 1

2.6.1

Linux Kernel 2.6.1 Release Candidate 2

2.6.1

Linux Kernel 2.6.1 Release Candidate 3

2.6.1

Linux Kernel 2.6.2

2.6.2

Linux Kernel 2.6.2 Release Candidate 1

2.6.2

Linux Kernel 2.6.2 Release Candidate 2

2.6.2

Linux Kernel 2.6.2 Release Candidate 3

2.6.2

Linux Kernel 2.6.3

2.6.3

Linux Kernel 2.6.3 Release Candidate 1

2.6.3

Linux Kernel 2.6.3 Release Candidate 2

2.6.3

Linux Kernel 2.6.3 Release Candidate 3

2.6.3

Linux Kernel 2.6.3 Release Candidate 4

2.6.3

Linux Kernel 2.6.4

2.6.4

Linux Kernel 2.6.4 Release Candidate 1

2.6.4

Linux Kernel 2.6.4 Release Candidate 2

2.6.4

Linux Kernel 2.6.4 Release Candidate 3

2.6.4

Linux Kernel 2.6.5

2.6.5

Linux Kernel 2.6.5 Release Candidate 1

2.6.5

Linux Kernel 2.6.5 Release Candidate 2

2.6.5

Linux Kernel 2.6.5 Release Candidate 3

2.6.5

Linux Kernel 2.6.6

2.6.6

Linux Kernel 2.6.6 Release Candidate 1

2.6.6

Linux Kernel 2.6.6 Release Candidate 2

2.6.6

Linux Kernel 2.6.6 Release Candidate 3

2.6.6

Linux Kernel 2.6.7

2.6.7

Linux Kernel 2.6.7 Release Candidate 1

2.6.7

Linux Kernel 2.6.7 Release Candidate 2

2.6.7

Linux Kernel 2.6.7 Release Candidate 3

2.6.7

Linux Kernel 2.6.8

2.6.8

Linux Kernel 2.6.8 Release Candidate 1

2.6.8

Linux Kernel 2.6.8 Release Candidate 2

2.6.8

Linux Kernel 2.6.8 Release Candidate 3

2.6.8

Linux Kernel 2.6.8 Release Candidate 4

2.6.8

Linux Kernel 2.6.8.1

2.6.8.1

Linux Kernel 2.6.9

2.6.9

Linux Kernel 2.6.9 Release Candidate 1

2.6.9

Linux Kernel 2.6.9 Release Candidate 2

2.6.9

Linux Kernel 2.6.9 Release Candidate 3

2.6.9

Linux Kernel 2.6.9 Release Candidate 4

2.6.9

Linux Kernel 2.6.10

2.6.10

Linux Kernel 2.6.10 Release Candidate 1

2.6.10

Linux Kernel 2.6.10 Release Candidate 2

2.6.10

Linux Kernel 2.6.10 Release Candidate 3

2.6.10

Linux Kernel 2.6.11

2.6.11

Linux Kernel 2.6.11 Release Candidate 1

2.6.11

Linux Kernel 2.6.11 Release Candidate 2

2.6.11

Linux Kernel 2.6.11 Release Candidate 3

2.6.11

Linux Kernel 2.6.11 Release Candidate 4

2.6.11

Linux Kernel 2.6.11 Release Candidate 5

2.6.11

Linux Kernel 2.6.11.1

2.6.11.1

Linux Kernel 2.6.11.2

2.6.11.2

Linux Kernel 2.6.11.3

2.6.11.3

Linux Kernel 2.6.11.4

2.6.11.4

Linux Kernel 2.6.11.5

2.6.11.5

Linux Kernel 2.6.11.6

2.6.11.6

Linux Kernel 2.6.11.7

2.6.11.7

Linux Kernel 2.6.11.8

2.6.11.8

Linux Kernel 2.6.11.9

2.6.11.9

Linux Kernel 2.6.11.10

2.6.11.10

Linux Kernel 2.6.11.11

2.6.11.11

Linux Kernel 2.6.11.12

2.6.11.12

Linux Kernel 2.6.12

2.6.12

Linux Kernel 2.6.12 Release Candidate 1

2.6.12

Linux Kernel 2.6.12 Release Candidate 2

2.6.12

Linux Kernel 2.6.12 Release Candidate 3

2.6.12

Linux Kernel 2.6.12 Release Candidate 4

2.6.12

Linux Kernel 2.6.12 Release Candidate 5

2.6.12

Linux Kernel 2.6.12 Release Candidate 6

2.6.12

Linux Kernel 2.6.12.1

2.6.12.1

Linux Kernel 2.6.12.2

2.6.12.2

Linux Kernel 2.6.12.3

2.6.12.3

Linux Kernel 2.6.12.4

2.6.12.4

Linux Kernel 2.6.12.5

2.6.12.5

Linux Kernel 2.6.12.6

2.6.12.6

Linux Kernel 2.6.13

2.6.13

Linux Kernel 2.6.13 Release Candidate 1

2.6.13

Linux Kernel 2.6.13 Release Candidate 2

2.6.13

Linux Kernel 2.6.13 Release Candidate 3

2.6.13

Linux Kernel 2.6.13 Release Candidate 4

2.6.13

Linux Kernel 2.6.13 Release Candidate 5

2.6.13

Linux Kernel 2.6.13 Release Candidate 6

2.6.13

Linux Kernel 2.6.13 Release Candidate 7

2.6.13

Linux Kernel 2.6.13.1

2.6.13.1

Linux Kernel 2.6.13.2

2.6.13.2

Linux Kernel 2.6.13.3

2.6.13.3

Linux Kernel 2.6.13.4

2.6.13.4

Linux Kernel 2.6.13.5

2.6.13.5

Linux Kernel 2.6.14

2.6.14

Linux Kernel 2.6.14 Release Candidate 1

2.6.14

Linux Kernel 2.6.14 Release Candidate 2

2.6.14

Linux Kernel 2.6.14 Release Candidate 3

2.6.14

Linux Kernel 2.6.14 Release Candidate 4

2.6.14

Linux Kernel 2.6.14 Release Candidate 5

2.6.14

Linux Kernel 2.6.14.1

2.6.14.1

Linux Kernel 2.6.14.2

2.6.14.2

Linux Kernel 2.6.14.3

2.6.14.3

Linux Kernel 2.6.14.4

2.6.14.4

Linux Kernel 2.6.14.5

2.6.14.5

Linux Kernel 2.6.14.6

2.6.14.6

Linux Kernel 2.6.14.7

2.6.14.7

Linux Kernel 2.6.15

2.6.15

Linux Kernel 2.6.15 Release Candidate 1

2.6.15

Linux Kernel 2.6.15 Release Candidate 2

2.6.15

Linux Kernel 2.6.15 Release Candidate 3

2.6.15

Linux Kernel 2.6.15 Release Candidate 4

2.6.15

Linux Kernel 2.6.15 Release Candidate 5

2.6.15

Linux Kernel 2.6.15 Release Candidate 6

2.6.15

Linux Kernel 2.6.15 Release Candidate 7

2.6.15

Linux Kernel 2.6.15.1

2.6.15.1

Linux Kernel 2.6.15.2

2.6.15.2

Linux Kernel 2.6.15.3

2.6.15.3

Linux Kernel 2.6.15.4

2.6.15.4

Linux Kernel 2.6.15.5

2.6.15.5

Linux Kernel 2.6.15.6

2.6.15.6

Linux Kernel 2.6.15.7

2.6.15.7

Linux Kernel 2.6.16

2.6.16

Linux Kernel 2.6.16 Release Candidate 1

2.6.16

Linux Kernel 2.6.16 Release Candidate 2

2.6.16

Linux Kernel 2.6.16 Release Candidate 3

2.6.16

Linux Kernel 2.6.16 Release Candidate 4

2.6.16

Linux Kernel 2.6.16 Release Candidate 5

2.6.16

Linux Kernel 2.6.16 Release Candidate 6

2.6.16

Linux Kernel 2.6.16.1

2.6.16.1

Linux Kernel 2.6.16.2

2.6.16.2

Linux Kernel 2.6.16.3

2.6.16.3

Linux Kernel 2.6.16.4

2.6.16.4

Linux Kernel 2.6.16.5

2.6.16.5

Linux Kernel 2.6.16.6

2.6.16.6

Linux Kernel 2.6.16.7

2.6.16.7

Linux Kernel 2.6.16.8

2.6.16.8

Linux Kernel 2.6.16.9

2.6.16.9

Linux Kernel 2.6.16.10

2.6.16.10

Linux Kernel 2.6.16.11

2.6.16.11

Linux Kernel 2.6.16.12

2.6.16.12

Linux Kernel 2.6.16.13

2.6.16.13

Linux Kernel 2.6.16.14

2.6.16.14

Linux Kernel 2.6.16.15

2.6.16.15

Linux Kernel 2.6.16.16

2.6.16.16

Linux Kernel 2.6.16.17

2.6.16.17

Linux Kernel 2.6.16.18

2.6.16.18

Linux Kernel 2.6.16.19

2.6.16.19

Linux Kernel 2.6.16.20

2.6.16.20

Linux Kernel 2.6.16.21

2.6.16.21

Linux Kernel 2.6.16.22

2.6.16.22

Linux Kernel 2.6.16.23

2.6.16.23

Linux Kernel 2.6.16.24

2.6.16.24

Linux Kernel 2.6.16.25

2.6.16.25

Linux Kernel 2.6.16.26

2.6.16.26

Linux Kernel 2.6.16.27

2.6.16.27

Linux Kernel 2.6.16.28

2.6.16.28

Linux Kernel 2.6.16.29

2.6.16.29

Linux Kernel

References

[linux-kernel] 20061105 Linux 2.6.16.31-rc1

Patch

22731

Patch, Vendor Advisory

22762

Patch, Vendor Advisory

23384

Vendor Advisory

23474

Vendor Advisory

24098

Vendor Advisory

25691

Vendor Advisory

http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572

http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=0ddfcc96928145d6a6425fdd26dad6abfe7f891d

http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31

MDKSA-2006:197

SUSE-SA:2006:079

20070615 rPSA-2007-0124-1 kernel xen

20955

USN-395-1

USN-416-1

ADV-2006-4386

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.