Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4576

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-4576
Last Modified 29 Oct 2012 11:17:42
Published 15 Oct 2008 04:07:42
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4576

Summary

sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires.

Vulnerable Systems

Operating System

  • Linux Kernel 2.2.27

  • Linux Kernel 2.4.36

  • Linux Kernel 2.4.36.1

  • Linux Kernel 2.4.36.2

  • Linux Kernel 2.4.36.3

  • Linux Kernel 2.4.36.4

  • Linux Kernel 2.4.36.5

  • Linux Kernel 2.4.36.6

  • Linux Kernel 2.6

  • Linux Kernel 2.6.18

  • Linux Kernel 2.6.19.4

  • Linux Kernel 2.6.19.5

  • Linux Kernel 2.6.19.6

  • Linux Kernel 2.6.19.7

  • Linux Kernel 2.6.20.16

  • Linux Kernel 2.6.20.17

  • Linux Kernel 2.6.20.18

  • Linux Kernel 2.6.20.19

  • Linux Kernel 2.6.20.20

  • Linux Kernel 2.6.20.21

  • Linux Kernel 2.6.21.5

  • Linux Kernel 2.6.21.6

  • Linux Kernel 2.6.21.7

  • Linux Kernel 2.6.22

  • Linux Kernel 2.6.22 Rc1

  • Linux Kernel 2.6.22 Rc7

  • Linux Kernel 2.6.22.1

  • Linux Kernel 2.6.22.10

  • Linux Kernel 2.6.22.11

  • Linux Kernel 2.6.22.12

  • Linux Kernel 2.6.22.13

  • Linux Kernel 2.6.22.14

  • Linux Kernel 2.6.22.15

  • Linux Kernel 2.6.22.17

  • Linux Kernel 2.6.22.18

  • Linux Kernel 2.6.22.19

  • Linux Kernel 2.6.22.2

  • Linux Kernel 2.6.22.20

  • Linux Kernel 2.6.22.21

  • Linux Kernel 2.6.22.22

  • Linux Kernel 2.6.22.8

  • Linux Kernel 2.6.22.9

  • Linux Kernel 2.6.23

  • Linux Kernel 2.6.23 Rc1

  • Linux Kernel 2.6.23.10

  • Linux Kernel 2.6.23.11

  • Linux Kernel 2.6.23.12

  • Linux Kernel 2.6.23.13

  • Linux Kernel 2.6.23.15

  • Linux Kernel 2.6.23.16

  • Linux Kernel 2.6.23.17

  • Linux Kernel 2.6.23.8

  • Linux Kernel 2.6.23.9

  • Linux Kernel 2.6.24

  • Linux Kernel 2.6.24 Rc1

  • Linux Kernel 2.6.24 Rc4

  • Linux Kernel 2.6.24 Rc5

  • Linux Kernel 2.6.24.1

  • Linux Kernel 2.6.24.2

  • Linux Kernel 2.6.24.3

  • Linux Kernel 2.6.24.4

  • Linux Kernel 2.6.24.5

  • Linux Kernel 2.6.24.6

  • Linux Kernel 2.6.24.7

  • Linux Kernel 2.6.25

  • Linux Kernel 2.6.25.1

  • Linux Kernel 2.6.25.10

  • Linux Kernel 2.6.25.11

  • Linux Kernel 2.6.25.12

  • Linux Kernel 2.6.25.13

  • Linux Kernel 2.6.25.14

  • Linux Kernel 2.6.25.15

  • Linux Kernel 2.6.25.16

  • Linux Kernel 2.6.25.17

  • Linux Kernel 2.6.25.2

  • Linux Kernel 2.6.25.3

  • Linux Kernel 2.6.25.4

  • Linux Kernel 2.6.25.5

  • Linux Kernel 2.6.25.6

  • Linux Kernel 2.6.25.7

  • Linux Kernel 2.6.25.8

  • Linux Kernel 2.6.25.9


References

FEDORA - FEDORA-2008-8929

FEDORA - FEDORA-2008-8980

XF - linux-kernel-sctp-initack-dos(45773)

UBUNTU - USN-679-1

BID - 31634

REDHAT - RHSA-2009:0009

REDHAT - RHSA-2008:1017

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.27-rc6-git6.log

MLIST - [linux-kernel] 20081006 [patch 58/71] sctp: Fix oops when INIT-ACK indicates that peer doesnt support AUTH

DEBIAN - DSA-1687

DEBIAN - DSA-1681

SECUNIA - 33586

SECUNIA - 33182

SECUNIA - 33180

SECUNIA - 32998

SECUNIA - 32918

SECUNIA - 32759

SECUNIA - 32386

MLIST - [oss-security] 20081008 CVE request: kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH

SUSE - SUSE-SR:2008:025

SUSE - SUSE-SA:2008:053

CONFIRM - http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.18

SECUNIA - 32370

SUSE - SUSE-SA:2008:052


Last Updated: 27 May 2016 10:58:23