I have created a patch which enables the RT extension. This patch is a
one line change, and can be added by anyone.

This does need to get applied to both Ubuntu 6.10 and 7.04.

This is a security problem, and machines without this patch and without the 
latest kernel version are vulnerable to DoS attacks, and to being a relay of a 
DoS attack. 
Machines without this patch are also totally vulnerable to a particular type of 
rule bypass attack, where malicious hosts can send packets to hosts that are 
supposedly protected behind firewalls [1].

[1] http://www.ietf.org/internet-drafts/draft-ietf-v6ops-security-
overview-06.txt


** Attachment added: "Fixes the problem"
   http://launchpadlibrarian.net/8297516/iptables-add-rt-match.patch

-- 
ip6tables is missing libip6t_rt.so to filter the IPv6 RH0 exploit
https://bugs.launchpad.net/bugs/114184
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to