CVE-2008-3792 (Kernel) |
|
| BugsAlert Home > CVE-2008-3792 (Kernel) | |
|
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.26.3 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst,... Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3792 Learn more about CVE-2008-3792 (Kernel) |
|
| Tags: cve-2008-3792 kernel | |
Related Items |
|
|
Libexif EXIF Tag Handling Integer Overflow and Denial of Service Issues
|
|
|
CVE-2007-6715 (Firefox)
|
|
|
Debian update for ruby-gnome2
|
|
|
CVE-2008-4977 (postfix)
|
|
|
MWOpen "id" SQL Injection Vulnerability
|
|
|
I-Worm/Bagle.JH
|
|
|
CVE-2008-1976 (Drupal)
|
|
