Linux Kernel < 2.6.26.4 - SCTP Kernel Memory Disclosure Exploit

No description provided by source. / cve-2008-4113.c Linux Kernel 2.6.26.4 SCTP kernel memory disclosure Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4113 The sctpgetsockopthmacident function in net/sctp/socket.c in t...

Linux Kernel 2.6.26.4 - SCTP Kernel Memory Disclosure

Linux Kernel 2.6.26.4 - SCTP Kernel Memory Disclosure / cve-2008-4113.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4113 The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp...

CVE-2008-4113

creationtimestamp| type| source ---|---|--- 2008-12-29 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7618...

Debian Security Advisory DSA 1655-1 (linux-2.6.24)

The remote host is missing an update to linux-2.6.24 announced via advisory DSA 1655-1. OpenVAS Vulnerability Test $Id: deb16551.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1655-1 linux-2.6.24 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

Debian: Security Advisory (DSA-1655-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1655-1] New Linux 2.6.24 packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1655-1 [email protected] http://www.debian.org/security/ dann frazier Oct 16, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1655-1] New Linux 2.6.24 packages fix several vulnerabilities

---------------------------------------------------------------------- Debian Security Advisory DSA-1655-1 [email protected] http://www.debian.org/security/ dann frazier Oct 16, 2008 http://www.debian.org/security/faq - ----------------------------------------------------------------------...

DSA-1655-1 linux-2.6.24 - several vulnerabilities

Bulletin has no description...

CVE-2008-4445

CVE-2008-4445 affects the Linux kernel SCTP implementation prior to 2.6.26.4. The vulnerability resides in sctp_auth_ep_set_hmacs (net/sctp/auth.c) where the identifier index is not validated against SCTP_AUTH_HMAC_ID_MAX when SCTP-AUTH is enabled. This can allow local users to obtain sensitive i...

CVE-2008-4113

The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...

CVE-2008-4113

The vulnerability CVE-2008-4113 affects the Linux kernel prior to 2.6.26.4 with SCTP-AUTH enabled. In sctp_getsockopt_hmac_ident (net/sctp/socket.c), an untrusted length value is used to bound data copied from kernel memory, allowing a local unprivileged user to disclose sensitive kernel memory c...