Information Security News mailing list archives

Flaw weakens Linux security software


From: InfoSec News <isn () c4i org>
Date: Fri, 1 Mar 2002 04:07:43 -0600 (CST)

http://news.com.com/2100-1001-848467.html

By Stephen Shankland 
Staff Writer, CNET News.com
February 28, 2002, 5:30 PM PT

Programmers have found a vulnerability in Linux that could allow
protective firewall software to grant malicious computer users access
to protected networks.

The flaw, which affects versions 2.4.14 through 2.4.18-pre9 of the
Linux kernel, is in a component of the Netfilter firewall software.
The component is involved when two computer users chat directly with
each other using the Internet Relay Chat (IRC) system.

Information sent across the Internet is broken up into tiny "packets,"
each with "from" and "to" addresses, indicating who's sent the
information and where it's intended to go. So-called firewall software
transmits or screens out these packets based on the address of the
sender.

Netfilter, among the new aspects of the 2.4 version of the Linux
kernel, is software that runs within the kernel to filter out unwanted
packets. But its IRC helper component configures firewall settings too
broadly, potentially allowing communication from IP (Internet
Protocol) addresses that should be blocked.
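As an added illustration of what "configures firewall settings too broadly" means for a stateful firewall's IRC helper, the following model is not code from the article or from the Netfilter project. It assumes the helper works the way such helpers generally do: it watches the IRC control channel for a DCC SEND offer, which names the address and port the peer should connect back to, and then opens a temporary "expectation" so that the return connection is let through. The contrast is between an expectation that accepts any source address and one narrowed to the IRC peer that received the offer. The class and function names (`Packet`, `Expectation`, `build_expectation`, `firewall_allows`) and the addresses are constructed for this example; the article itself does not describe the helper's internals.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """Minimal view of an inbound TCP SYN: where it comes from and where it goes."""
    src_ip: str
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Expectation:
    """A temporary hole a protocol helper opens for an expected return connection.

    src_ip=None means "accept this connection from any source", which is the
    over-broad form; a narrowed expectation pins src_ip to the IRC peer.
    """
    src_ip: Optional[str]
    dst_ip: str
    dst_port: int

    def matches(self, pkt: Packet) -> bool:
        if self.src_ip is not None and pkt.src_ip != self.src_ip:
            return False
        return pkt.dst_ip == self.dst_ip and pkt.dst_port == self.dst_port


# CTCP DCC SEND offer: "\x01DCC SEND <file> <ipv4-as-decimal> <port> [<size>]\x01"
DCC_SEND = re.compile(r"\x01DCC SEND \S+ (\d+) (\d+)(?: \d+)?\x01")


def parse_dcc_send(ctcp: str) -> Optional[Tuple[str, int]]:
    """Extract the (ip, port) the offering host advertises, or None if not a DCC SEND."""
    m = DCC_SEND.search(ctcp)
    if not m:
        return None
    ip_int, port = int(m.group(1)), int(m.group(2))
    if ip_int > 0xFFFFFFFF or not (1 <= port <= 65535):
        return None
    return str(ipaddress.IPv4Address(ip_int)), port


def build_expectation(irc_peer_ip: str, ctcp: str,
                      restrict_source: bool = True) -> Optional[Expectation]:
    """Model of the helper's decision after seeing a DCC SEND on the control channel.

    restrict_source=False reproduces the over-broad behaviour the article
    describes: the hole is open to every source address, not just the peer.
    """
    parsed = parse_dcc_send(ctcp)
    if parsed is None:
        return None
    host, port = parsed
    return Expectation(src_ip=irc_peer_ip if restrict_source else None,
                       dst_ip=host, dst_port=port)


def firewall_allows(expectations: List[Expectation], pkt: Packet) -> bool:
    """A packet with no established state is admitted only if some expectation matches."""
    return any(e.matches(pkt) for e in expectations)


if __name__ == "__main__":
    # Constructed scenario: internal host 192.168.1.10 (3232235786 in decimal)
    # offers a file to IRC peer 203.0.113.5, to be fetched on port 5000.
    offer = "\x01DCC SEND notes.txt 3232235786 5000 1024\x01"
    peer_ip = "203.0.113.5"
    broad = build_expectation(peer_ip, offer, restrict_source=False)
    narrow = build_expectation(peer_ip, offer)
    from_peer = Packet(peer_ip, "192.168.1.10", 5000)
    from_stranger = Packet("198.51.100.7", "192.168.1.10", 5000)
    print("broad  lets stranger in:", firewall_allows([broad], from_stranger))
    print("narrow lets stranger in:", firewall_allows([narrow], from_stranger))
    print("narrow lets peer in:    ", firewall_allows([narrow], from_peer))
```

The point the model makes is that the helper's job is to open exactly the return path the protocol needs; leaving the source unconstrained turns a per-session hole into a standing port open to the whole Internet for as long as the expectation lives. Operators who cannot patch immediately can remove the helper module and accept that DCC transfers through the firewall stop working, which is the trade-off the article alludes to between features and exposure.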

Programmers working on the Netfilter firewall software project
reported the problem Monday.

Versions 7.1 and 7.2 of leading Linux seller Red Hat's product are
vulnerable. The Durham, N.C.-based company issued a patch Thursday
that corrects the problem. The flawed software isn't installed by
default on the Red Hat versions, the company said, but some users may
have added it.

Security is a nagging concern for the computer industry, which must
juggle new features with the risk that they open up new problems.
While the firewall problem the Netfilter programmers discovered is
limited to a few versions of Linux, a more serious problem emerged
earlier this month affecting numerous operating systems using standard
network management software.


