Ubuntu Security Notice (C) 2007-2013 Canonical, Inc. / NASL script (C) 2007-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Philipp Richter discovered that the AppleTalk protocol handler did not
sufficiently verify the length of packets. By sending a crafted
AppleTalk packet, a remote attacker could exploit this to crash the
Gabriel Campana discovered that the do_ipv6_setsockopt() function did
not sufficiently verifiy option values for IPV6_RTHDR. A local
attacker could exploit this to trigger a kernel crash. (CVE-2007-1388)
A Denial of Service vulnerability was discovered in the
nfnetlink_log() netfilter function. A remote attacker could exploit
this to trigger a kernel crash. (CVE-2007-1496)
The connection tracking module for IPv6 did not properly handle the
status field when reassembling fragmented packets, so that the final
packet always had the 'established' state. A remote attacker could
exploit this to bypass intended firewall rules. (CVE-2007-1497)
Masayuki Nakagawa discovered an error in the flowlabel handling of
IPv6 network sockets. A local attacker could exploit this to crash the
The do_dccp_getsockopt() function did not sufficiently verify the
optlen argument. A local attacker could exploit this to read kernel
memory (which might expose sensitive data) or cause a kernel crash.
This only affects Ubuntu 7.04. (CVE-2007-1730)
The IPv4 and DECnet network protocol handlers incorrectly declared an
array variable so that it became smaller than intended. By sending
crafted packets over a netlink socket, a local attacker could exploit
this to crash the kernel. (CVE-2007-2172).
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 5.8
Public Exploit Available : false