Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 415
Alerts This Week
Warning Icon 1 415

Red Hat: RHSA-2002:086-05 Moderate: Iptables Information Leak Exploit

red hat
Calendar Grey May 9, 2002
Dist Redhat Esm H88
The Netfilter system on CentOS can potentially leak confidential information. Advisory Reference: RHSA-2002:086-08 includes suggested measures to reduce vulnerability.
This bug only affects users using the Network Address Translationfeatures of firewalls built with netfilter ("iptables")

Solution

Unfortunately, this problem currently has no clean fix, but while a clean fix is being worked on, there is a sufficient workaround:

Filter out untracked local icmp packets using the following command: iptables -A OUTPUT -m state -p icmp --state INVALID -j DROP

5. Bug IDs fixed ( for more info):



6. RPMs required:



7. Verification:

MD5 sum Package Name


These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

CARTSA-20020402 ( ) Thanks to Philippe Biondi <biondi@cartel-securite.fr> Copyright(c) 2000, 2001, 2002 Red Hat, Inc. `

Package List


Advisory ID: RHSA-2002:086-05
Issue date: 2002-05-08
Updated on: 2002-05-09
Product: Red Hat Linux
Keywords: netfilter iptables icmp nat
Cross references:
Obsoletes:

Topic

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.