Main Vulnerability Database Vulnerabilities #VU95667

Improper input validation in Linux kernel - CVE-2001-1572

Published: December 31, 2001 / Updated: September 5, 2008

Vulnerability identifier: #VU95667

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2001-1572

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.

How to mitigate CVE-2001-1572

Install update from vendor's repository.

Sources

http://archives.neohapsis.com/archives/bugtraq/2001-10/0057.html
http://www.iss.net/security_center/static/7267.php
http://www.securityfocus.com/bid/3418

Improper input validation in Linux kernel - CVE-2001-1572

Detailed vulnerability description

How to mitigate CVE-2001-1572

Sources

Please verify you're human