Does the ICMP Based TCP Reset Denial of Service Vulnerability fixed in RHEL 6 ?
Environment
- Red Hat Enterprise Linux 2.1, 3, 5, 6
- kernel
Issue
- CVE database doesn't has no entry about related
CVEi:eCVE-2005-0068. - Is it fixed in RHEL5 and/or RHEL6 ?
Resolution
- The entry in Red Hat CVE database for this issue is under
CVE-2004-0791. CVE-2004-0791,CVE-2004-0790, andCVE-2004-1060have been SPLIT based on different attacks;CVE-2005-0065,CVE-2005-0066,CVE-2005-0067, andCVE-2005-0068are related identifiers that are SPLIT based on the underlying vulnerability.CVE-2004-0791is related about RHEL2.1 and 3. Refer CVE-2004-0791 for more information.- So neither RHEL5 nor RHEL6 are affected by the said vulnerability.
Root Cause
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0790
- Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack."
- NOTE:
CVE-2004-0790,CVE-2004-0791, andCVE-2004-1060have been SPLIT based on different attacks;CVE-2005-0065,CVE-2005-0066,CVE-2005-0067, andCVE-2005-0068are related identifiers that are SPLIT based on the underlying vulnerability. WhileCVEnormally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments