3 matches found
Linux Kernel sctp_setsockopt_auth_key()函数远程拒绝服务漏洞
BUGTRAQ ID: 30847 CVECAN ID: CVE-2008-3526 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的net/sctp/socket.c文件中的sctpsetsockoptauthkey函数存在整数溢出漏洞,如果远程攻击者向该函数发送的SCTP报文中SCTPAUTHKEY选项包含有特制的scakeylength字段的话,就可以触发这个溢出,导致拒绝服务的情况。 Linux kernel 2.6.24-rc1 - 2.6.26.3 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2008-3526
Integer overflow in the sctpsetsockoptauthkey function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service panic or possibly have unspecified other impact via a...
CVE-2008-3526
Integer overflow in the sctpsetsockoptauthkey function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service panic or possibly have unspecified other impact via a...