Test Kennung:	1.3.6.1.4.1.25623.1.0.800036
Kategorie:	Denial of Service
Titel:	Linux Kernel Stream Control Transmission Protocol Violation Vulnerability
Zusammenfassung:	This host has Linux Kernel Stream Control Transmission Protocol; (SCTP) implementation and is prone to Protocol Violation Vulnerability.
Beschreibung:	Summary: This host has Linux Kernel Stream Control Transmission Protocol (SCTP) implementation and is prone to Protocol Violation Vulnerability. Vulnerability Insight: The issue is with the parameter 'sctp_paramhdr' in sctp_sf_violation_paramlen, sctp_sf_abort_violation, and sctp_make_abort_violation functions of sm.h, sm_make_chunk.c, and sm_statefunc.c files, which has invalid length and incorrect data types in function calls. Vulnerability Impact: Successful attacks will result in denial of service via kernel related vectors. Affected Software/OS: Linux kernel version before 2.6.27 on all Linux Platforms. Solution: Upgrade to Linux kernel 2.6.27, or apply the available patch from the referenced link. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4618 BugTraq ID: 31848 http://www.securityfocus.com/bid/31848 Debian Security Information: DSA-1681 (Google Search) http://www.debian.org/security/2008/dsa-1681 http://www.openwall.com/lists/oss-security/2008/10/06/1 http://www.redhat.com/support/errata/RHSA-2009-0009.html http://secunia.com/advisories/32918 http://secunia.com/advisories/32998 http://secunia.com/advisories/33586 SuSE Security Announcement: SUSE-SA:2008:053 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html http://www.ubuntu.com/usn/usn-679-1
Copyright	Copyright (C) 2008 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.