| Beschreibung: | Description:
The remote host is missing updates announced in
advisory TSLSA-2006-0026.
kernel < TSL 3.0 >
- New Upstream.
- SECURITY Fix: An error in the Stream Control Transmission Protocol
(SCTP) code that uses incorrect state table entries when certain
ECNE chunks are received in CLOSED state, could be exploited by
attackers to cause a kernel panic via a specially crafted packet.
- An error exist when handling incoming IP-fragmented SCTP control
chunks, which could be exploited by attackers to cause a kernel
panic via a specially crafted packet.
- Linux SCTP (lksctp) allows remote attackers to cause a denial of
service (infinite recursion and crash) via a packet that contains
two or more DATA fragments, which causes an skb pointer to refer
back to itself when the full message is reassembled, leading to
infinite recursion in the sctp_skb_pull function
- Linux SCTP (lksctp) allows remote attackers to cause a denial of
service (deadlock) via a large number of small messages to a receiver
application that cannot process the messages quickly enough, which
leads to spillover of the receive buffer.
- A vulnerability has been identified due to an input
validation error when processing arguments containing backslash
(\\) characters passed to certain commands (e.g. cd),
which could be exploited by authenticated attackers to escape
chroot restrictions for a CIFS or SMBFS mounted filesystem.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-2271, CVE-2006-2272, CVE-2006-2274,
CVE-2006-2275 and CVE-2006-1864 to these issues.
Solution:
Update your system with the packages as indicated in
the referenced security advisory.
http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0026
Risk factor : High
CVSS Score:
7.8
|
