Red Hat Errata System 5.3 2008-01-23T07:17:53 Red Hat Enterprise Linux 3 The iproute package contains advanced IP routing and network device configuration tools. Herbert Xu reported that iproute can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0856 to this issue. Users of iproute should upgrade to these erratum packages, which contain a patch that checks that netlink messages actually came from the kernel. Low Copyright 2003 Red Hat, Inc. CVE-2003-0856 cpe://redhat:enterprise_linux:3