High Nessus Plugin ID 15528
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2004:037 (kernel).
An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled.
We would like to thank Richard Hart for reporting the problem.
This problem has already been fixed in the 2.6.8 upstream Linux kernel, this update contains a backport of the fix.
Products running a 2.4 kernel are not affected.
Mitre has assigned the CVE ID CVE-2004-0816 for this problem.
Additionaly Martin Schwidefsky of IBM found an incorrectly handled privileged instruction which can lead to a local user gaining root user privileges.
This only affects the SUSE Linux Enterprise Server 9 on the S/390 platform and has been assigned CVE ID CVE-2004-0887.
Additionaly the following non-security bugs were fixed:
- Two CD burning problems.
- USB 2.0 stability problems under high load on SMP systems.
- Several SUSE Linux Enterprise Server issues.
(see the Maintenance Information Mail for more informations).