Linux SCTP 多个远程拒绝服务漏洞-一一网

漏洞信息详情

Linux SCTP 多个远程拒绝服务漏洞

CNNVD编号：CNNVD-200605-146

危害等级：高危
CVE编号：
CVE-2006-2272
漏洞类型：

设计错误
发布时间：

2006-05-09
威胁类型：

远程
更新时间：

2006-05-10
厂商：

lksctp
漏洞来源：
This issue was dis…

漏洞简介

Linux SCTP (lksctp) 2.6.17之前版本可以使远程攻击者借助引入的IP碎片整理的(1) COOKIE_ECHO和(2) HEARTBEAT SCTP控制组块，引起拒绝服务(内核恐慌)。

漏洞公告

Linux kernel源控制库已经进行了修复。
请参见厂商公告和修补程序。
Linux kernel 2.6.16

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16 13

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16 .9

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16 .11

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16 .1

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e

Linux kernel 2.6.16

Linux [SCTP]: Fix panic’s when receiving fragmented SCTP control chunks.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
Linux [SCTP]: Fix state table entries for chunks received in CLOSED state.

http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a
=commitdiff;h=35d63edb1c807bc5317e49592260e84637bc432e
RedHat Fedora kernel-2.6.16-1.2122_FC5.i586.rpmFedora Core 5

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

参考网址

来源: VUPEN

名称: ADV-2006-1734

链接:http://www.frsirt.com/english/advisories/2006/1734

来源: SECUNIA

名称: 19990

链接:http://secunia.com/advisories/19990

来源: MISC

链接:http://labs.musecurity.com/advisories/MU-200605-01.txt

来源: git.kernel.org

链接:http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813

来源: FULLDISC

名称: 20060508 [MU-200605-01] Multiple vulnerabilities in Linux SCTP 2.6.16

链接:http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0227.html

来源: XF

名称: linux-sctp-control-chunk-dos(26431)

链接:http://xforce.iss.net/xforce/xfdb/26431

来源: UBUNTU

名称: USN-302-1

链接:http://www.ubuntu.com/usn/usn-302-1

来源: TRUSTIX

名称: 2006-0026

链接:http://www.trustix.org/errata/2006/0026

来源: BID

名称: 17910

链接:http://www.securityfocus.com/bid/17910

来源: REDHAT

名称: RHSA-2006:0493

链接:http://www.redhat.com/support/errata/RHSA-2006-0493.html

来源: OSVDB

名称: 25633

链接:http://www.osvdb.org/25633

来源: SUSE

名称: SUSE-SA:2006:028

链接:http://www.novell.com/linux/security/advisories/2006-05-31.html

来源: MANDRIVA

名称: MDKSA-2006:086

链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:086

来源: VUPEN

名称: ADV-2006-2554

链接:http://www.frsirt.com/english/advisories/2006/2554

来源: DEBIAN

名称: DSA-1103

链接:http://www.debian.org/security/2006/dsa-1103

来源: DEBIAN

名称: DSA-1097

链接:http://www.debian.org/security/2006/dsa-1097

来源: support.avaya.com

链接:http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm

来源: SECUNIA

名称: 21745

链接:http://secunia.com/advisories/21745

来源: SECUNIA

名称: 21476

链接:http://secunia.com/advisories/21476

来源: SECUNIA

名称: 20914

链接:http://secunia.com/advisories/20914

来源: SECUNIA

名称: 20716

链接:http://secunia.com/advisories/20716

来源: SECUNIA

名称: 20671

链接:http://secunia.com/advisories/20671

来源: SECUNIA

名称: 20398

链接:http://secunia.com/advisories/20398

来源: SECUNIA

名称: 20237

链接:http://secunia.com/advisories/20237

来源: SECUNIA

名称: 20157

链接:http://secunia.com/advisories/20157

来源: MANDRIVA

名称: MDKSA-2006:086

链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:086

受影响实体

Lksctp Stream_control_transmission_protocol:2.6.16

更多>>

文章版权归作者所有，未经允许请勿转载。

THE END

信息安全

Monorepo初体验：将现有的NG CLI工程改造成Monorepo方式

我又开发了一个非常好用的开源库，调试Android数据库有救了

【现金红包】签到拿红包满10提现

Python中的那些随机操作 | Python 主题月

磁力搜搜v2.2.4无广告版多个磁力引擎

Mozilla Firefox/Thunderbird/SeaMonkey 释放后重用漏洞

Linux SCTP 多个远程拒绝服务漏洞

漏洞信息详情

Linux SCTP 多个远程拒绝服务漏洞

漏洞简介

漏洞公告

参考网址

受影响实体

Monorepo初体验：将现有的NG CLI工程改造成Monorepo方式

我又开发了一个非常好用的开源库，调试Android数据库有救了

【现金红包】签到拿红包满10提现

Python中的那些随机操作 | Python 主题月

磁力搜搜v2.2.4无广告版 多个磁力引擎

Mozilla Firefox/Thunderbird/SeaMonkey 释放后重用漏洞

Linux SCTP 多个远程拒绝服务漏洞

漏洞信息详情

Linux SCTP 多个远程拒绝服务漏洞

漏洞简介

漏洞公告

参考网址

受影响实体

磁力搜搜v2.2.4无广告版多个磁力引擎