CVE-2006-2934 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-2934
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2934

Description: SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-331-1 http://www.ubuntu.com/usn/usn-346-1 SUSE http://www.novell.com/linux/security/advisories/2006_42_kernel.html http://www.novell.com/linux/security/advisories/2006_47_kernel.html SAID Secunia Advisory: SA21614 Secunia Advisory: SA21465 Secunia Advisory: SA21179 Secunia Advisory: SA21298 Secunia Advisory: SA20986 Secunia Advisory: SA20917 Secunia Advisory: SA22417 Secunia Advisory: SA21934 Secunia Advisory: SA21498 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0575.html OSVDB 26963 MISC MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:151 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.3 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.23 http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git;a=commit;h=9c48e1ea8cf8800cc5e2d39ccbb8b5ff9704f8e9 CERT-VN 717844 BUGTRAQ http://www.securityfocus.com/archive/1/439610/100/100/threaded http://www.securityfocus.com/archive/1/archive/1/439483/100/100/threaded BID 18755

Return to the previous page.