[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-2876Date: (C)2007-06-11   (M)2023-12-22


The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.1
Exploit Score: 6.5
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
BID-24376
SECUNIA-25838
SECUNIA-25961
SECUNIA-26133
SECUNIA-26139
SECUNIA-26289
SECUNIA-26450
SECUNIA-26620
SECUNIA-26664
SECUNIA-26760
SECUNIA-27227
OSVDB-37112
ADV-2007-2105
DSA-1356
MDKSA-2007:171
MDKSA-2007:196
RHSA-2007:0488
RHSA-2007:0705
SUSE-SA:2007:043
SUSE-SA:2007:051
SUSE-SA:2007:053
USN-486-1
USN-489-1
USN-510-1
http://marc.info/?l=linux-kernel&m=118128610219959&w=2
http://marc.info/?l=linux-kernel&m=118128622431272&w=2
http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
kernel-sctpnew-dos(34777)
oval:org.mitre.oval:def:10116

CPE    246
cpe:/o:linux:linux_kernel:2.6.20.11
cpe:/o:linux:linux_kernel:2.6.20.12
cpe:/o:linux:linux_kernel:2.6.20.13
cpe:/o:linux:linux_kernel:2.6.20.14
...

© SecPod Technologies