what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2013-2206

Status Candidate

Overview

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.

Related Files

VMware Security Advisory 2013-0015
Posted Dec 7, 2013
Authored by VMware | Site vmware.com

VMware Security Advisory 2013-0015 - VMware has updated several third party libraries in ESX that address multiple security vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-2372, CVE-2012-3552, CVE-2013-0791, CVE-2013-1620, CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237
SHA-256 | 9cbb7e964e769cddfce1c1997789d4b756c22716732fb468d12565b5df47420d
Debian Security Advisory 2766-1
Posted Sep 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2766-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-2141, CVE-2013-2164, CVE-2013-2206, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2239, CVE-2013-2851, CVE-2013-2852, CVE-2013-2888, CVE-2013-2892
SHA-256 | 6db36db0cf544b0d71fd346914fc4f771d7d6bf477af2e61c0f394af113ed5df
Ubuntu Security Notice USN-1940-1
Posted Sep 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1940-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162, CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162
SHA-256 | 8c59646e4e53fb3534c048dfb45e7c1eed97a9ec7d2f86a5573f81bea49edf56
Ubuntu Security Notice USN-1939-1
Posted Sep 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1939-1 - Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots for the guest's address space. A local user could exploit this flaw to gain system privileges or obtain sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162, CVE-2013-1060, CVE-2013-1943, CVE-2013-2206, CVE-2013-4162
SHA-256 | 3996695f9dff779a55c98d2edff73eb7307289b64e122923d7ce9b80cf0acc6d
Red Hat Security Advisory 2013-1195-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1195-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2237
SHA-256 | d5ef77e75670ebff030e7dddab7b389a3c95460ca7499a8cdc34edb9a49312f5
Red Hat Security Advisory 2013-1173-01
Posted Aug 27, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1173-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2237
SHA-256 | 9700f82bdc10eeda814ac97795a008dafe46c72aa62da3f3cb548d663ffbe8f8
Red Hat Security Advisory 2013-1166-01
Posted Aug 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1166-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237
SHA-256 | fcd744b9ac0dc89a473401d753c27a02c6ebba8fa80ee0c3bab2df69e3c628f5
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close