Think you have a false positive on this rule?

Sid 1-46

Summary:

    DECODE_TCP_INVALID_OFFSET

Impact:

    Confidentiality Impact: NONE Integrity Impact: NONE Availability Impact: PARTIAL

Detailed Information:

    Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

Affected Systems:

    linux linux kernel 2.6.3
    linux linux kernel 2.6.2
    linux linux kernel 2.6.1
    linux linux kernel 2.6.0
    linux linux kernel 2.6.7
    linux linux kernel 2.6.6
    linux linux kernel 2.6 test9 cvs
    suse suse linux 9.1
    linux linux kernel 2.6.0 test3
    linux linux kernel 2.6.0 test2
    linux linux kernel 2.6.0 test5
    linux linux kernel 2.6.0 test4
    linux linux kernel 2.6.0 test7
    linux linux kernel 2.6.0 test6
    linux linux kernel 2.6.0 test9
    linux linux kernel 2.6.0 test8
    linux linux kernel 2.6.0 test11
    linux linux kernel 2.6.0 test10
    linux linux kernel 2.6.5
    linux linux kernel 2.6.4
    linux linux kernel 2.6.1 rc2
    linux linux kernel 2.6.1 rc1
    linux linux kernel 2.6.6 rc1
    linux linux kernel 2.6.8 rc3
    linux linux kernel 2.6.8 rc2
    linux linux kernel 2.6.8 rc1
    linux linux kernel 2.6.0 test1
    linux linux kernel 2.6.7 rc1

Attack Scenarios:

    No data available

False Positives:

    None known

False Negatives:

    None known

Corrective Action:

    Upgrade to the latest non-affected version
    Apply vendor-provided patches

Contributors:

    No data available

Additional References: