CVE-2006-1242 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-1242
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1242

Description: The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks.

CVE Status: Candidate

References: UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-281-1 SUSE http://www.novell.com/linux/security/advisories/2006-05-31.html SAID Secunia Advisory: SA19402 Secunia Advisory: SA19955 Secunia Advisory: SA20157 Secunia Advisory: SA20671 Secunia Advisory: SA20914 Secunia Advisory: SA21136 Secunia Advisory: SA21465 Secunia Advisory: SA20398 Secunia Advisory: SA21983 Secunia Advisory: SA22417 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0575.html http://www.redhat.com/support/errata/RHSA-2006-0437.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:086 DEBIAN http://www.debian.org/security/2006/dsa-1103 http://www.debian.org/security/2006/dsa-1097 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.1 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/428605/30/6210/threaded http://www.securityfocus.com/archive/1/archive/1/427893/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/427753/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/427622/100/0/threaded BID 17109

Return to the previous page.