CVE

Id
24854  
CVE No.
CVE-2007-1497  
Status
Candidate  
Description
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.  
Phase
Assigned (20070316)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
246232 24854 CVE-2007-1497 CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.3  View
246233 24854 CVE-2007-1497 DEBIAN:DSA-1289  View
246234 24854 CVE-2007-1497 URL:http://www.debian.org/security/2007/dsa-1289  View
246235 24854 CVE-2007-1497 MANDRIVA:MDKSA-2007:171  View
246236 24854 CVE-2007-1497 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:171  View
246237 24854 CVE-2007-1497 MANDRIVA:MDKSA-2007:196  View
246238 24854 CVE-2007-1497 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:196  View
246239 24854 CVE-2007-1497 REDHAT:RHSA-2007:0347  View
246240 24854 CVE-2007-1497 URL:http://www.redhat.com/support/errata/RHSA-2007-0347.html  View
246241 24854 CVE-2007-1497 SUSE:SUSE-SA:2007:043  View
246242 24854 CVE-2007-1497 URL:http://www.novell.com/linux/security/advisories/2007_43_kernel.html  View
246243 24854 CVE-2007-1497 UBUNTU:USN-464-1  View
246244 24854 CVE-2007-1497 URL:http://www.ubuntu.com/usn/usn-464-1  View
246245 24854 CVE-2007-1497 BID:23976  View
246246 24854 CVE-2007-1497 URL:http://www.securityfocus.com/bid/23976  View
246247 24854 CVE-2007-1497 OVAL:oval:org.mitre.oval:def:10457  View
246248 24854 CVE-2007-1497 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10457  View
246249 24854 CVE-2007-1497 VUPEN:ADV-2007-0944  View
246250 24854 CVE-2007-1497 URL:http://www.vupen.com/english/advisories/2007/0944  View
246251 24854 CVE-2007-1497 OSVDB:33028  View
246252 24854 CVE-2007-1497 URL:http://www.osvdb.org/33028  View
246253 24854 CVE-2007-1497 SECUNIA:24492  View
246254 24854 CVE-2007-1497 URL:http://secunia.com/advisories/24492  View
246255 24854 CVE-2007-1497 SECUNIA:25228  View
246256 24854 CVE-2007-1497 URL:http://secunia.com/advisories/25228  View
246257 24854 CVE-2007-1497 SECUNIA:25288  View
246258 24854 CVE-2007-1497 URL:http://secunia.com/advisories/25288  View
246259 24854 CVE-2007-1497 SECUNIA:25392  View
246260 24854 CVE-2007-1497 URL:http://secunia.com/advisories/25392  View
246261 24854 CVE-2007-1497 SECUNIA:25961  View
246262 24854 CVE-2007-1497 URL:http://secunia.com/advisories/25961  View
246263 24854 CVE-2007-1497 SECUNIA:26620  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
51782 JVNDB-2007-000445 Microsoft Internet Explorer のナビゲーションキャンセルにおけるクロスサイトスクリプティングの脆弱性 Microsoft Internet Explorer には、ナビゲーションキャンセル (navcancl.htm) ページへのクロスサイトスクリプティングの脆弱性が存在します。この問題は、ナビゲーションキャンセルの「更新」リンクにて、任意のスクリプトを挿入可能であることに起因します。 CVE-2007-1499 24854 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000445.html  View