Home > Vulnerability Database > CVE-2006-4572

Mend.io Vulnerability Database

CVE-2006-4572

Date: November 6, 2006

ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."

Severity Score

7.3

Related Resources (21)

Url: http://www.novell.com/linux/security/advisories/2006_79_kernel.html

Url: http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572

Url: http://www.vupen.com/english/advisories/2006/4386

Url: http://secunia.com/advisories/25691

Url: http://www.securityfocus.com/bid/20955

Url: http://www.ubuntu.com/usn/usn-395-1

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-4572

Url: http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=0ddfcc96928145d6a6425fdd26dad6abfe7f891d

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-4572

Url: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31

Url: http://secunia.com/advisories/22731

Url: http://www.securityfocus.com/archive/1/471457

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:197

Url: http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19

Url: http://secunia.com/advisories/24098

Url: http://secunia.com/advisories/23384

Url: http://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html

Url: http://secunia.com/advisories/23474

Url: http://www.ubuntu.com/usn/usn-416-1

Url: http://secunia.com/advisories/22762

Url: https://www.mend.io/vulnerability-database/CVE-2006-4572

Severity Score

7.3

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-4572

Date: November 6, 2006

Severity Score

Related Resources (21)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?