Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2272

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-2272
Last Modified 07 Mar 2011 09:35:51
Published 09 May 2006 12:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2272

Summary

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.

Vulnerable Systems

Application

  • Lksctp Stream Control Transmission Protocol 2.6.16


References

SECUNIA - 19990

MISC - http://labs.musecurity.com/advisories/MU-200605-01.txt

CONFIRM - http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813

FULLDISC - 20060508 [MU-200605-01] Multiple vulnerabilities in Linux SCTP 2.6.16

VUPEN - ADV-2006-2554

VUPEN - ADV-2006-1734

XF - linux-sctp-control-chunk-dos(26431)

UBUNTU - USN-302-1

TRUSTIX - 2006-0026

BID - 17910

REDHAT - RHSA-2006:0493

OSVDB - 25633

SUSE - SUSE-SA:2006:028

MANDRIVA - MDKSA-2006:086

DEBIAN - DSA-1103

DEBIAN - DSA-1097

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

SECUNIA - 21745

SECUNIA - 21476

SECUNIA - 20914

SECUNIA - 20716

SECUNIA - 20671

SECUNIA - 20398

SECUNIA - 20237

SECUNIA - 20157


Last Updated: 27 May 2016 10:42:24