5

CVE-2006-2934

SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version2.6.16
LinuxLinux Kernel Version2.6.16.1
LinuxLinux Kernel Version2.6.16.2
LinuxLinux Kernel Version2.6.16.10
LinuxLinux Kernel Version2.6.16.11
LinuxLinux Kernel Version2.6.16.12
LinuxLinux Kernel Version2.6.16.13
LinuxLinux Kernel Version2.6.16.14
LinuxLinux Kernel Version2.6.16.15
LinuxLinux Kernel Version2.6.16.16
LinuxLinux Kernel Version2.6.16.17
LinuxLinux Kernel Version2.6.16.18
LinuxLinux Kernel Version2.6.16.19
LinuxLinux Kernel Version2.6.16.20
LinuxLinux Kernel Version2.6.16.21
LinuxLinux Kernel Version2.6.16.22
LinuxLinux Kernel Version2.6.17
LinuxLinux Kernel Version2.6.17.1
LinuxLinux Kernel Version2.6.17.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.1% 0.913
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/21465
Vendor Advisory
http://secunia.com/advisories/22417
Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://secunia.com/advisories/21614
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
http://secunia.com/advisories/21179
Vendor Advisory
http://secunia.com/advisories/21498
Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
http://www.novell.com/linux/security/advisories/2006_47_kernel.html
http://secunia.com/advisories/20917
Vendor Advisory
http://secunia.com/advisories/20986
Vendor Advisory
http://secunia.com/advisories/21298
Vendor Advisory
http://secunia.com/advisories/21934
Vendor Advisory
http://www.kb.cert.org/vuls/id/717844
US Government Resource
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git%3Ba=commit%3Bh=9c48e1ea8cf8800cc5e2d39ccbb8b5ff9704f8e9
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.23
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.3
http://www.osvdb.org/26963
http://www.securityfocus.com/archive/1/439483/100/100/threaded
http://www.securityfocus.com/archive/1/439610/100/100/threaded
http://www.securityfocus.com/bid/18755
http://www.ubuntu.com/usn/usn-331-1
http://www.ubuntu.com/usn/usn-346-1
http://www.vupen.com/english/advisories/2006/2623
Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197387
Patch
https://issues.rpath.com/browse/RPL-488
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10932