Showing 1 - 5 of 5

CVE-2011-1573

Status Candidate

Overview

net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data.

Related Files

VMware Security Advisory 2012-0001: Posted Jan 30, 2012; Authored by VMware | Site vmware.com; VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.; tags | advisory; advisories | CVE-2009-3560, CVE-2009-3720, CVE-2010-0547, CVE-2010-0787, CVE-2010-1634, CVE-2010-2059, CVE-2010-2089, CVE-2010-3493, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1015, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1521, CVE-2011-1573; MD5 | f01c53578bb58b204ee302611e8e3317; Download | Favorite | View

Ubuntu Security Notice USN-1256-1: Posted Nov 9, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1256-1 - It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.; tags | advisory, kernel, local, vulnerability; systems | linux, ubuntu; advisories | CVE-2011-1020, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1160, CVE-2011-1180, CVE-2011-1478, CVE-2011-1479, CVE-2011-1493, CVE-2011-1573, CVE-2011-1576, CVE-2011-1577, CVE-2011-1581, CVE-2011-1585, CVE-2011-1767, CVE-2011-1768, CVE-2011-1771, CVE-2011-1776, CVE-2011-1833, CVE-2011-2183, CVE-2011-2213, CVE-2011-2479, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2493, CVE-2011-2494; MD5 | ee2685f0b4d767be1169393f2ba5d7c7; Download | Favorite | View

Ubuntu Security Notice USN-1241-1: Posted Oct 25, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1241-1 - It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service, kernel, protocol; systems | linux, ubuntu; advisories | CVE-2011-1573, CVE-2011-1576, CVE-2011-1776, CVE-2011-2213, CVE-2011-2494, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2695, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191, CVE-2011-3363; MD5 | 447c461aca2cec9be3fb95e5c596cd81; Download | Favorite | View

Ubuntu Security Notice USN-1236-1: Posted Oct 20, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1236-1 - It was discovered that the Auerswald usb driver incorrectly handled lengths of the USB string descriptors. A local attacker with physical access could insert a specially crafted USB device and gain root privileges. It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Various other issues were also addressed.; tags | advisory, remote, local, root, protocol; systems | linux, ubuntu; advisories | CVE-2009-4067, CVE-2011-1573, CVE-2011-2494, CVE-2011-2495, CVE-2011-3188; MD5 | ae2696646303ce38ff705e1ba28f25ad; Download | Favorite | View

Red Hat Security Advisory 2011-0927-01: Posted Jul 15, 2011; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2011-0927-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw in ib_uverbs_poll_cq() could allow a local, unprivileged user to cause a denial of service or escalate their privileges. A race condition in the way new InfiniBand connections were set up could allow a remote user to cause a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service, overflow, kernel, local; systems | linux, redhat; advisories | CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182, CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745, CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022, CVE-2011-2213, CVE-2011-2492; MD5 | 17d1901ea722285ee9cac40dbc6ed1fd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 136 files
Ubuntu 40 files
Gentoo 38 files
malvuln 33 files
Brian Rodriguez 15 files
Geovanni Ruiz 11 files
Ron Jost 10 files
Google Security Research 10 files
Apple 8 files
Jim Becher 7 files

File Archives

Systems

AIX (421)
Apple (1,804)
BSD (368)
CentOS (53)
Cisco (1,907)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,093)
HPUX (873)
iOS (294)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (40,185)
Mac OS X (678)
Mandriva (3,105)
NetBSD (255)
OpenBSD (474)
RedHat (10,181)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,296)
UNIX (8,912)
UnixWare (180)
Windows (5,996)
Other

CVE-2011-1573

Overview

Related Files

File Archive:

June 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems