blob: 28d861c5746ea3d3ed0a1724f6a6f276431379f2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2006-2271
References:
FULLDISC:20060508 [MU-200605-01] Multiple vulnerabilities in Linux SCTP 2.6.16
URL:http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0227.html
MISC:http://labs.musecurity.com/advisories/MU-200605-01.txt
CONFIRM:http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e
FRSIRT:ADV-2006-1734
URL:http://www.frsirt.com/english/advisories/2006/1734
SECUNIA:19990
URL:http://secunia.com/advisories/19990
Description:
The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote
attackers to cause a denial of service (kernel panic) via an unexpected chunk
when the session is in CLOSED state.
Notes:
dannf> Forwarded to Marcelo for 2.4 inclusion
Bugs:
upstream: released (2.6.16.15)
linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A
|