SUSE CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service connection loss to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP...

SUSE CVE-2005-0065

The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged aka "TCP sequence number checking", which makes it easier for attackers to forge ICMP error messages for specifi...

SUSE CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers PAWS with the timestamps option enabled allow remote attackers to cause a denial of service connection loss via a spoofed packet with a large timer value, which causes the host to discard later packets because they appe...

SUSE CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center KDC in MIT Kerberos 5 krb5 1.4.1 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a certain valid TCP or UDP request...

SUSE CVE-2005-3275

The NAT code 1 ipnatprototcp.c and 2 ipnatprotoudp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service memory corruption by causing two packets for the same protocol to be NATed at t...

SUSE CVE-2005-3675

The Transmission Control Protocol TCP allows remote attackers to cause a denial of service bandwidth consumption by sending ACK messages for packets that have not yet been received optimistic ACKs, which can cause the sender to increase its transmission rate until it fills available bandwidth...

SUSE CVE-2006-2934

SCTP conntrack ipconntrackprotosctp.c in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service crash via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference ...

SUSE CVE-2006-4304

Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service panic, obtain sensitive information, and possibly execute arbitrary code via crafted Link Contr...

SUSE CVE-2008-2826

Integer overflow in the sctpgetsockoptlocaladdrsold function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service resource consumption and system outage via vectors involving a large...

SUSE CVE-2008-3146

Multiple buffer overflows in packetncp2222.inc in Wireshark formerly Ethereal 0.9.7 through 1.0.2 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used...

SUSE CVE-2008-3932

Wireshark formerly Ethereal 0.9.7 through 1.0.2 allows attackers to cause a denial of service hang via a crafted NCP packet that triggers an infinite loop...

SUSE CVE-2008-4113

The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...

SUSE CVE-2008-4618

The Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service panic via unspecified vectors, related to...

SUSE CVE-2009-0065

Buffer overflow in net/sctp/smstatefuns.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN aka FORWARD-TSN chunk with a large stream ID...

SUSE CVE-2010-0741

The virtionetbadfeatures function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service guest OS crash, and an associated qemu-kvm process exit by...

SUSE CVE-2012-5238

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of 1 PPP and 2 LCP data, which allows remote attackers to cause a denial of service assertion failure and application exit via a malformed packet...

SUSE CVE-2014-0101

The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash via an...

SUSE CVE-2014-4667

The sctpassociationfree function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service socket outage via a crafted SCTP packet...

SUSE CVE-2014-8160

net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with...

SUSE CVE-2014-8712

The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...