thr3ads.net - Shorewall users - Heads up: iptables remote vulnerability for kernel 2.6 [Jul 2004]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Corrado

2004-Jul-02 05:36 UTC

Heads up: iptables remote vulnerability for kernel 2.6

Hi all,

I''ve just come across this new vulnerabilty for 2.6 kernels:

 http://lwn.net/Articles/91914/

I''m wondering whether a 2.6-based shorewall firewall may be affected;
my
guess is YES.

Corrado

Tom Eastep

2004-Jul-02 13:41 UTC

head link

Re: Heads up: iptables remote vulnerability for kernel 2.6

Corrado wrote:> Hi all,
> 
> I''ve just come across this new vulnerabilty for 2.6 kernels:
> 
>  http://lwn.net/Articles/91914/
> 
> I''m wondering whether a 2.6-based shorewall firewall may be
affected; my
> guess is YES.
> 
The answer is NO -- Shorewall doesn''t use tcp option checking.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Shorewall users - Jul 2004 - Heads up: iptables remote vulnerability for kernel 2.6

Heads up: iptables remote vulnerability for kernel 2.6

Re: Heads up: iptables remote vulnerability for kernel 2.6