CVE-2007-1497 - Vulnerability Details - OpenCVE

nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
kernel-0:2.6.18-8.1.4.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0347	2007-05-16T00:00:00Z

References

Link	Providers
http://secunia.com/advisories/24492
http://secunia.com/advisories/25228
http://secunia.com/advisories/25288
http://secunia.com/advisories/25392
http://secunia.com/advisories/25961
http://secunia.com/advisories/26620
http://www.debian.org/security/2007/dsa-1289
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://www.novell.com/linux/security/advisories/2007_43_kernel.html
http://www.osvdb.org/33028
http://www.redhat.com/support/errata/RHSA-2007-0347.html
http://www.securityfocus.com/bid/23976
http://www.ubuntu.com/usn/usn-464-1
http://www.vupen.com/english/advisories/2007/0944
https://nvd.nist.gov/vuln/detail/CVE-2007-1497
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457
https://www.cve.org/CVERecord?id=CVE-2007-1497

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-16T22:00:00

Updated: 2024-08-07T12:59:08.540Z

Reserved: 2007-03-16T00:00:00

Link: CVE-2007-1497

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-03-16T22:19:00.000

Modified: 2024-11-21T00:28:27.553

Link: CVE-2007-1497

Redhat

Severity : Moderate

Publid Date: 2007-03-07T00:00:00Z

Links: CVE-2007-1497 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-14T00:00:00", "descriptions": [{"lang": "en", "value": "nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "oval:org.mitre.oval:def:10457", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457"}, {"name": "RHSA-2007:0347", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"}, {"name": "USN-464-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-464-1"}, {"name": "SUSE-SA:2007:043", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3"}, {"name": "MDKSA-2007:171", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"}, {"name": "ADV-2007-0944", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0944"}, {"name": "DSA-1289", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1289"}, {"name": "25288", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25288"}, {"name": "26620", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26620"}, {"name": "25228", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25228"}, {"name": "MDKSA-2007:196", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"}, {"name": "25961", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25961"}, {"name": "24492", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24492"}, {"name": "25392", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25392"}, {"name": "33028", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/33028"}, {"name": "23976", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23976"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1497", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:10457", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457"}, {"name": "RHSA-2007:0347", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"}, {"name": "USN-464-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-464-1"}, {"name": "SUSE-SA:2007:043", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"}, {"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3"}, {"name": "MDKSA-2007:171", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"}, {"name": "ADV-2007-0944", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0944"}, {"name": "DSA-1289", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1289"}, {"name": "25288", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25288"}, {"name": "26620", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26620"}, {"name": "25228", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25228"}, {"name": "MDKSA-2007:196", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"}, {"name": "25961", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25961"}, {"name": "24492", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24492"}, {"name": "25392", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25392"}, {"name": "33028", "refsource": "OSVDB", "url": "http://www.osvdb.org/33028"}, {"name": "23976", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23976"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:59:08.540Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:10457", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457"}, {"name": "RHSA-2007:0347", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"}, {"name": "USN-464-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-464-1"}, {"name": "SUSE-SA:2007:043", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3"}, {"name": "MDKSA-2007:171", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"}, {"name": "ADV-2007-0944", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0944"}, {"name": "DSA-1289", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1289"}, {"name": "25288", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25288"}, {"name": "26620", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26620"}, {"name": "25228", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25228"}, {"name": "MDKSA-2007:196", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"}, {"name": "25961", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25961"}, {"name": "24492", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24492"}, {"name": "25392", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25392"}, {"name": "33028", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/33028"}, {"name": "23976", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23976"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1497", "datePublished": "2007-03-16T22:00:00", "dateReserved": "2007-03-16T00:00:00", "dateUpdated": "2024-08-07T12:59:08.540Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C23C3FF-1016-4A18-8747-832F91EDB572", "versionEndIncluding": "2.6.20.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments."}, {"lang": "es", "value": "nf_conntrack en netfilter en el kernel de Linux anterior a 2.6.20.3 no fija nfctinfo durante el nuevo re-ensamble de paquetes fragmentados, lo cual deja el valor por defecto como IP_CT_ESTABLISHED y permitir\u00eda a atacantes remotos evitar ciertas reglas de asignaci\u00f3n utilizando fragmentos IPv6."}], "id": "CVE-2007-1497", "lastModified": "2024-11-21T00:28:27.553", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-16T22:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/24492"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25228"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25288"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25392"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25961"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26620"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1289"}, {"source": "cve@mitre.org", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/33028"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23976"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-464-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0944"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/24492"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25228"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25288"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25392"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25961"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26620"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1289"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/33028"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23976"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-464-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0944"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}