CVE-2007-6282 - Configuration vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop

Publication

2008-05-08

Last modification

2017-09-29

Summary

The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.

Description

The Linux Kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected computer, denying service to legitimate users. NOTE: This issue occurs on computers that have NetScreen firewalls or Cisco PIX installed.

Solution

Updates are available. Please see the references for more information. Fixed Debian GNU/Linux 4.0 linux-2.6 packages (version 2.6.18.dfsg.1-22etch2) for the mips, arm and m68k architectures are available from http://security.debian.org/pool/updates/main/l/linux-2.6/.

Exploit

To exploit this issue, attackers use readily available packet generators.

Classification

CWE-16 - Configuration

Risk level (CVSS AV:N/AC:M/Au:N/C:N/I:N/A:C)

High

7.1

Access Vector

  • Network

Access Complexity

  • Medium

Authentication

  • None

Confidentiality Impact

  • None

Integrity Impact

  • None

Availability Impact

  • Complete

OVAL definition

{
    "accepted": "2013-04-29T04:06:37.165-04:00",
    "class": "vulnerability",
    "contributors": [
        {
            "name": "Aharon Chernin",
            "organization": "SCAP.com, LLC"
        },
        {
            "name": "Dragos Prisaca",
            "organization": "G2, Inc."
        }
    ],
    "definition_extensions": [
        {
            "comment": "The operating system installed on the system is Red Hat Enterprise Linux 4",
            "oval": "oval:org.mitre.oval:def:11831"
        },
        {
            "comment": "CentOS Linux 4.x",
            "oval": "oval:org.mitre.oval:def:16636"
        },
        {
            "comment": "Oracle Linux 4.x",
            "oval": "oval:org.mitre.oval:def:15990"
        },
        {
            "comment": "The operating system installed on the system is Red Hat Enterprise Linux 5",
            "oval": "oval:org.mitre.oval:def:11414"
        },
        {
            "comment": "The operating system installed on the system is CentOS Linux 5.x",
            "oval": "oval:org.mitre.oval:def:15802"
        },
        {
            "comment": "Oracle Linux 5.x",
            "oval": "oval:org.mitre.oval:def:15459"
        }
    ],
    "description": "The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.",
    "family": "unix",
    "id": "oval:org.mitre.oval:def:10549",
    "status": "accepted",
    "submitted": "2010-07-09T03:56:16-04:00",
    "title": "The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.",
    "version": "24"
}

Affected Products