Candidate: CVE-2003-0244 References: VULNWATCH:20030517 Algorithmic Complexity Attacks and the Linux Networking Code URL:http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html MISC:http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html MISC:http://marc.theaimsgroup.com/?l=linux-kernel&m=104956079213417 REDHAT:RHSA-2003:145 URL:http://www.redhat.com/support/errata/RHSA-2003-145.html REDHAT:RHSA-2003:147 URL:http://www.redhat.com/support/errata/RHSA-2003-147.html REDHAT:RHSA-2003:172 URL:http://www.redhat.com/support/errata/RHSA-2003-172.html ENGARDE:ESA-20030515-017 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=105301461726555&w=2 DEBIAN:DSA-311 URL:http://www.debian.org/security/2003/dsa-311 DEBIAN:DSA-312 URL:http://www.debian.org/security/2003/dsa-312 DEBIAN:DSA-332 URL:http://www.debian.org/security/2003/dsa-332 DEBIAN:DSA-336 URL:http://www.debian.org/security/2003/dsa-336 DEBIAN:DSA-442 URL:http://www.debian.org/security/2004/dsa-442 MANDRAKE:MDKSA-2003:066 URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:066 MANDRAKE:MDKSA-2003:074 URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:074 BUGTRAQ:20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01) URL:http://marc.theaimsgroup.com/?l=bugtraq&m=105595901923063&w=2 OVAL:OVAL261 URL:http://oval.mitre.org/oval/definitions/data/oval261.html Description: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. Notes: Bugs: upstream: released (2.4.21-rc2) linux-2.6: N/A 2.6.8-sarge-security: N/A 2.4.27-sarge-security: N/A 2.4.19-woody-security: released 2.4.18-woody-security: released (2.4.18-8) 2.4.17-woody-security: released (2.4.17-1woody1) 2.4.16-woody-security: released (2.4.16-1woody3) 2.4.17-woody-security-hppa: released (32.5) 2.4.17-woody-security-ia64: released (011226.14.1) 2.4.18-woody-security-hppa: released (62.4)