Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2004:037: kernel Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the kernel package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2004:037 (kernel).
An integer underflow problem in the iptables firewall logging rules
can allow a remote attacker to crash the machine by using a handcrafted
IP packet. This attack is only possible with firewalling enabled.
We would like to thank Richard Hart for reporting the problem.
This problem has already been fixed in the 2.6.8 upstream Linux kernel,
this update contains a backport of the fix.
Products running a 2.4 kernel are not affected.
Mitre has assigned the CVE ID CVE-2004-0816 for this problem.
Additionaly Martin Schwidefsky of IBM found an incorrectly handled
privileged instruction which can lead to a local user gaining
root user rights.
This only affects the SUSE Linux Enterprise Server 9 on the S/390
platform and has been assigned CVE ID CVE-2004-0887.
Additionaly the following non-security bugs were fixed:
- Two CD burning problems.
- USB 2.0 stability problems under high load on SMP systems.
- Several SUSE Linux Enterprise Server issues.
(see the Maintenance Information Mail for more informations).
Solution : http://www.suse.de/security/2004_37_kernel.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.