Think you have a false positive on this rule?

Sid 1-16009

Message

BROWSER-FIREFOX Mozilla products overflow event handling memory corruption attempt

Summary

The sctpnew function in (1) ipconntrackprotosctp.c and (2) nfconntrackproto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

Impact

CVSS base score 6.1 CVSS impact score 6.9 CVSS exploitability score 6.5 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE

CVE-2007-2876:

CVSS base score 6.1

CVSS impact score 6.9

CVSS exploitability score 6.5

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

Detailed information

CVE-2007-2876: The sctpnew function in (1) ipconntrackprotosctp.c and (2) nfconntrackproto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

Affected systems

  • linux linux_kernel 2.6.0
  • linux linux_kernel 2.6.1
  • linux linux_kernel 2.6.2
  • linux linux_kernel 2.6.3
  • linux linux_kernel 2.6.4
  • linux linux_kernel 2.6.5
  • linux linux_kernel 2.6.6
  • linux linux_kernel 2.6.7
  • linux linux_kernel 2.6.8
  • linux linux_kernel 2.6.8.1
  • linux linux_kernel 2.6.8.1.5
  • linux linux_kernel 2.6.9
  • linux linux_kernel 2.6.10
  • linux linux_kernel 2.6.11
  • linux linux_kernel 2.6.11.1
  • linux linux_kernel 2.6.11.2
  • linux linux_kernel 2.6.11.3
  • linux linux_kernel 2.6.11.4
  • linux linux_kernel 2.6.11.5
  • linux linux_kernel 2.6.11.6
  • linux linux_kernel 2.6.11.7
  • linux linux_kernel 2.6.11.8
  • linux linux_kernel 2.6.11.9
  • linux linux_kernel 2.6.11.10
  • linux linux_kernel 2.6.11.11
  • linux linux_kernel 2.6.11.12
  • linux linuxkernel 2.6.11rc1_bk6
  • linux linux_kernel 2.6.12
  • linux linux_kernel 2.6.12.1
  • linux linux_kernel 2.6.12.2
  • linux linux_kernel 2.6.12.3
  • linux linux_kernel 2.6.12.4
  • linux linux_kernel 2.6.12.5
  • linux linux_kernel 2.6.12.6
  • linux linux_kernel 2.6.12.12
  • linux linux_kernel 2.6.12.22
  • linux linux_kernel 2.6.13
  • linux linux_kernel 2.6.13.1
  • linux linux_kernel 2.6.13.2
  • linux linux_kernel 2.6.13.3
  • linux linux_kernel 2.6.13.4
  • linux linux_kernel 2.6.13.5
  • linux linux_kernel 2.6.14
  • linux linux_kernel 2.6.14.1
  • linux linux_kernel 2.6.14.2
  • linux linux_kernel 2.6.14.3
  • linux linux_kernel 2.6.14.4
  • linux linux_kernel 2.6.14.5
  • linux linux_kernel 2.6.14.6
  • linux linux_kernel 2.6.14.7
  • linux linux_kernel 2.6.15
  • linux linux_kernel 2.6.15.1
  • linux linux_kernel 2.6.15.2
  • linux linux_kernel 2.6.15.3
  • linux linux_kernel 2.6.15.4
  • linux linux_kernel 2.6.15.5
  • linux linux_kernel 2.6.15.6
  • linux linux_kernel 2.6.15.7
  • linux linux_kernel 2.6.15.11
  • linux linux_kernel 2.6.16
  • linux linux_kernel 2.6.16.1
  • linux linux_kernel 2.6.16.2
  • linux linux_kernel 2.6.16.3
  • linux linux_kernel 2.6.16.4
  • linux linux_kernel 2.6.16.5
  • linux linux_kernel 2.6.16.6
  • linux linux_kernel 2.6.16.7
  • linux linux_kernel 2.6.16.8
  • linux linux_kernel 2.6.16.9
  • linux linux_kernel 2.6.16.10
  • linux linux_kernel 2.6.16.11
  • linux linux_kernel 2.6.16.12
  • linux linux_kernel 2.6.16.13
  • linux linux_kernel 2.6.16.14
  • linux linux_kernel 2.6.16.15
  • linux linux_kernel 2.6.16.16
  • linux linux_kernel 2.6.16.17
  • linux linux_kernel 2.6.16.18
  • linux linux_kernel 2.6.16.19
  • linux linux_kernel 2.6.16.20
  • linux linux_kernel 2.6.16.21
  • linux linux_kernel 2.6.16.22
  • linux linux_kernel 2.6.16.23
  • linux linux_kernel 2.6.16.24
  • linux linux_kernel 2.6.16.25
  • linux linux_kernel 2.6.16.26
  • linux linux_kernel 2.6.16.27
  • linux linux_kernel 2.6.16.28
  • linux linux_kernel 2.6.16.29
  • linux linux_kernel 2.6.16.30
  • linux linux_kernel 2.6.16.31
  • linux linux_kernel 2.6.16.32
  • linux linux_kernel 2.6.16.33
  • linux linux_kernel 2.6.16.34
  • linux linux_kernel 2.6.16.35
  • linux linux_kernel 2.6.16.36
  • linux linux_kernel 2.6.16.37
  • linux linux_kernel 2.6.16.38
  • linux linux_kernel 2.6.16.39
  • linux linux_kernel 2.6.16.40
  • linux linux_kernel 2.6.16.41
  • linux linuxkernel 2.6.16rc7
  • linux linux_kernel 2.6.17
  • linux linux_kernel 2.6.17.1
  • linux linux_kernel 2.6.17.2
  • linux linux_kernel 2.6.17.3
  • linux linux_kernel 2.6.17.4
  • linux linux_kernel 2.6.17.5
  • linux linux_kernel 2.6.17.6
  • linux linux_kernel 2.6.17.7
  • linux linux_kernel 2.6.17.8
  • linux linux_kernel 2.6.17.9
  • linux linux_kernel 2.6.17.10
  • linux linux_kernel 2.6.17.11
  • linux linux_kernel 2.6.17.12
  • linux linux_kernel 2.6.17.13
  • linux linux_kernel 2.6.17.14
  • linux linux_kernel 2.6.18
  • linux linux_kernel 2.6.18.1
  • linux linux_kernel 2.6.18.2
  • linux linux_kernel 2.6.18.3
  • linux linux_kernel 2.6.18.4
  • linux linux_kernel 2.6.18.5
  • linux linux_kernel 2.6.18.6
  • linux linux_kernel 2.6.19
  • linux linux_kernel 2.6.19.0
  • linux linux_kernel 2.6.19.1
  • linux linux_kernel 2.6.19.2
  • linux linux_kernel 2.6.19.3
  • linux linux_kernel 2.6.20
  • linux linux_kernel 2.6.20.1
  • linux linux_kernel 2.6.20.2
  • linux linux_kernel 2.6.20.3
  • linux linux_kernel 2.6.20.4
  • linux linux_kernel 2.6.20.5
  • linux linux_kernel 2.6.20.6
  • linux linux_kernel 2.6.20.7
  • linux linux_kernel 2.6.20.8
  • linux linux_kernel 2.6.20.9
  • linux linux_kernel 2.6.20.10
  • linux linux_kernel 2.6.20.11
  • linux linux_kernel 2.6.20.12
  • linux linux_kernel 2.6.20.13
  • linux linux_kernel 2.6.20.14
  • linux linux_kernel 2.6.21
  • linux linux_kernel 2.6.21.1
  • linux linux_kernel 2.6.21.2
  • linux linux_kernel 2.6.21.3
  • linux linuxkernel 2.6test9_cvs

Ease of attack

CVE-2007-2876:

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References