CVE-2006-4572

CVE-2006-4572 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a rule that disallows a protocol, via a packet with the protocol header not located immediately after the fragment header, aka "ip6_tables protocol bypass bug;" and (2) bypass a rule that looks for a certain extension header, via a packet with an extension header outside the first fragment, aka "ip6_tables extension header bypass bug."

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.