UPWORK superadmin blog

Tips and Tricks for clients

IPTABLES: dangerous vulnerability (CVE-2014-2523) DCCP


The vulnerable code was present in Linux from version 2.6.26 (July 2008) through 3.13 inclusive. Although the fix was made in early January 2014 (and included in Linux 3.14-RC1), the problem was reported as a vulnerability only on Monday. Patch releases for popular distributions can be tracked on the following pages: Fedora / RHEL, SuSE, Debian, Ubuntu.

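Exclude DCCP packets from connection tracking:

iptables -t raw -I PREROUTING -p dccp -j NOTRACK
iptables -t raw -I OUTPUT -p dccp -j NOTRACK

Keep the DCCP modules from being loaded by adding these lines to a file under /etc/modprobe.d/:

blacklist dccp
blacklist nf_conntrack_dccp
blacklist xt_dccp

Remove the DCCP modules from disk:

find /lib/modules -iname \*dccp\* -delete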
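
A way to check whether a host still needs the steps above, as an added example that is not part of the original post: it tests the kernel release against the 2.6.26 to 3.13 range, looks for loaded DCCP modules, and verifies that both NOTRACK rules are present. The function names, verdict strings and sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: first-pass exposure check for CVE-2014-2523.
# Affected range from the post: 2.6.26 through 3.13 inclusive. Distribution
# kernels carry backported fixes, so "in range" means "check the vendor
# advisory", not "vulnerable".

# Succeeds if a `uname -r` style release falls inside the affected range.
kernel_in_affected_range() {
    printf '%s\n' "$1" | awk -F'[.-]' '{
        k = $1 * 1000000 + $2 * 1000 + $3      # "rc1" or a missing field counts as 0
        exit !(k >= 2006026 && k < 3014000) }'
}

# Reads /proc/modules-format text on stdin; prints module names containing
# "dccp" (the same pattern the post's find command uses).
loaded_dccp_modules() { awk '$1 ~ /dccp/ { print $1 }'; }

# Reads `iptables -t raw -S` output on stdin; succeeds only for an
# unconditional DCCP rule in chain $1. A rule limited to a port or interface
# does not count. Also accepts the "CT --notrack" spelling of the target.
has_notrack_rule() {
    grep -Eq -- "^-A $1 -p dccp -j (NOTRACK|CT --notrack)\$"
}

# assess RELEASE MODULES_TEXT RAW_RULES_TEXT -> one-word verdict on stdout
assess() {
    kernel_in_affected_range "$1" || { echo kernel-outside-range; return; }
    if printf '%s\n' "$3" | has_notrack_rule PREROUTING &&
       printf '%s\n' "$3" | has_notrack_rule OUTPUT; then
        echo notrack-in-place; return
    fi
    if [ -n "$(printf '%s\n' "$2" | loaded_dccp_modules)" ]; then
        echo dccp-module-loaded
    else
        echo no-dccp-module-loaded
    fi
}

# Constructed sample input (not captured from a real host): the OUTPUT rule
# from the post is missing, so the NOTRACK workaround is incomplete.
SAMPLE_MODULES='dccp_ipv4 17343 0 - Live 0x0000000000000000
dccp 78403 1 dccp_ipv4, Live 0x0000000000000000'
SAMPLE_RULES='-P PREROUTING ACCEPT
-P OUTPUT ACCEPT
-A PREROUTING -p dccp -j NOTRACK'
assess "3.13.0-24-generic" "$SAMPLE_MODULES" "$SAMPLE_RULES"
# Live use: assess "$(uname -r)" "$(cat /proc/modules)" "$(iptables -t raw -S)"
```
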

Written by spectre

March 19th, 2014 at 8:48 pm

Posted in Tips and Tricks
