[kernel-sec-discuss] r696 - active
Martin Pitt
mpitt at alioth.debian.org
Tue Jan 16 12:29:38 CET 2007
Author: mpitt
Date: 2007-01-16 12:29:37 +0100 (Tue, 16 Jan 2007)
New Revision: 696
Modified:
active/CVE-2006-5749
Log:
CVE-2006-5749 is remotely exploitable
Modified: active/CVE-2006-5749
===================================================================
--- active/CVE-2006-5749 2007-01-16 11:29:04 UTC (rev 695)
+++ active/CVE-2006-5749 2007-01-16 11:29:37 UTC (rev 696)
@@ -9,8 +9,8 @@
crash.
Ubuntu-Description:
Al Viro reported that the ISDN PPP module did not initialize the
- reset state timer. A local attacker could exploit this to crash the
- kernel.
+ reset state timer. By sending specially crafted ISDN packets, a
+ remote attacker could exploit this to crash the kernel.
Notes:
Bugs:
upstream: released (2.6.20-rc5)
More information about the kernel-sec-discuss
mailing list