CVE-2004-0816

HIGH

Linux Kernel < 2.6.8 - Denial of Service via Firewall Logging Integer Underflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0816. PoCs published by Richard Hart.

AI-analyzed exploit summary This PoC exploits an integer underflow vulnerability in the iptables logging rules of the Linux kernel 2.6 branch, allowing a remote attacker to crash the system by sending malformed TCP packets. The code constructs raw TCP packets with specific headers to trigger the vulnerability.

Description

Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Richard Hart · cdoslinux
https://www.exploit-db.com/exploits/24696

This PoC exploits an integer underflow vulnerability in the iptables logging rules of the Linux kernel 2.6 branch, allowing a remote attacker to crash the system by sending malformed TCP packets. The code constructs raw TCP packets with specific headers to trigger the vulnerability.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Linux kernel 2.6
No auth needed
Prerequisites: Network access to the target system · Ability to send raw TCP packets
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11202/
Broken Link vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
Broken Link vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2004_37_kernel.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17800
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11488

Scores

CVSS v3 7.5
EPSS 0.1151
EPSS Percentile 95.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-191
Status published
Products (1)
linux/linux_kernel < 2.6.8
Published Dec 23, 2004
Tracked Since Feb 18, 2026