CVE-2006-1624

Published: 5 April 2006

The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.

Priority

Status

Package	Release	Status
sysklogd Launchpad, Ubuntu, Debian	dapper	Not vulnerable (network listening disabled by default)
	edgy	Not vulnerable (network listening disabled by default)
	feisty	Not vulnerable (network listening disabled by default)
	upstream	Needs triage
	gutsy	Not vulnerable (network listening disabled by default)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1624
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›