Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1527

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1527
Last Modified 07 Mar 2011 09:33:15
Published 03 May 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1527

Summary

The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.16.12


References

VUPEN - ADV-2006-1632

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.13

XF - linux-sctp-netfilter-dos(26194)

UBUNTU - USN-302-1

TRUSTIX - 2006-0024

BID - 17806

REDHAT - RHSA-2006:0493

OSVDB - 25229

SUSE - SUSE-SA:2006:028

MANDRIVA - MDKSA-2006:086

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

SECUNIA - 21745

SECUNIA - 20716

SECUNIA - 20398

SECUNIA - 20237

SECUNIA - 20157

SECUNIA - 19926


Last Updated: 27 May 2016 10:42:06