>> Linux Kernel ICMP Error Handling Remote Denial of Service Vulnerability
Title : Linux Kernel ICMP Error Handling Remote Denial of Service Vulnerability VUPEN ID : VUPEN/ADV-2006-0464 CVE ID : CVE-2006-0454
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-02-08
Technical Description
A vulnerability has been identified in Linux Kernel, which could be exploited by remote attackers to cause a denial of service. This flaw is due to an error in the "ip_options_echo()" [net/ipv4/icmp.c] function when constructing an ICMP response, which could be exploited by remote attackers to cause a denial of service by sending specially crafted ICMP packets containing record-route or timestamp IP options to a vulnerable system.
