OS-LINUX Linux kernel sctprcvootb invalid chunk length DoS attempt
The sctprcvootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.
CVSS base score 7.8 CVSS impact score 6.9 CVSS exploitability score 10.0 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE
CVE-2010-0008:
CVSS base score 7.8
CVSS impact score 6.9
CVSS exploitability score 10.0
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact COMPLETE
CVE-2010-0008: The sctprcvootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.
CVE-2010-0008:
Access Vector NETWORK
Access Complexity LOW
Authentication NONE
None known
None known
Upgrade to the latest non-affected version of the software.
Apply the appropriate vendor supplied patches.