OS-LINUX -- Snort has detected traffic targeting vulnerabilities in a Linux-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself.
OS-LINUX Linux kernel SCTP duplicate cookie denial of service attempt
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. Impact: CVSS base score 5.4 CVSS impact score 6.9 CVSS exploitability score 4.9 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2013-2206 |
Loading description |