7 matches found
CVE-2013-5209
The sctpsendinitiateack function in sys/netinet/sctpoutput.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by readi...
CVE-2013-5209
The CVE-2013-5209 entry concerns a kernel SCTP weakness in FreeBSD (8.3–9.2-PRERELEASE) where sctp_send_initiate_ack fails to properly initialize the state-cookie data structure in sctp_output.c. This allows remote attackers to read INIT-ACK data and disclose kernel stack memory. Public reports d...
FreeBSD Security Advisory FreeBSD-SA-13:10.sctp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:10.sctp Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sctp4 Category: core Module: sctp Announced: 2013-08-22 Credits: Julian Seward...
Debian DSA-2743-1 : kfreebsd-9 - privilege escalation/information leak
Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a privilege escalation or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-3077 Clement Lecigne from the Google Security Team reported an integer...
[SECURITY] [DSA 2743-1] kfreebsd-9 security update
---------------------------------------------------------------------- Debian Security Advisory DSA-2743-1 [email protected] http://www.debian.org/security/ Aurelien Jarno August 27, 2013 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
Debian Security Advisory DSA 2743-1 (kfreebsd-9 - privilege escalation/information leak)
Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a privilege escalation or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-3077 Clement Lecigne from the Google Security Team reported an integer...
FreeBSD-SA-13:10.sctp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:10.sctp Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sctp4 Category: core Module: sctp Announced: 2013-08-22 Credits: Julian Seward...