Executive Summary

Information
Name: CVE-2007-2876
First vendor Publication: 2007-06-11
Vendor: Cve
Last vendor Modification: 2012-10-30

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score: 6.1
Cvss Impact Score: 6.9
Cvss Exploit Score: 6.5
Attack Range: Adjacent network
Attack Complexity: Low
Authentication: None Required

Detail

The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2876

OVAL Definitions

Oval ID: oval:org.mitre.oval:def:10116
Title: The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
Description: The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.
Family: unix
Class: vulnerability
Reference(s): CVE-2007-2876
Version: 5
Platform(s): Red Hat Enterprise Linux 4, CentOS Linux 4, Oracle Linux 4, Red Hat Enterprise Linux 5, CentOS Linux 5, Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

Type: Os
Count: 253

Open Source Vulnerability Database (OSVDB)

id: 37112
Description: Linux Kernel Netfilter *_conntrack_proto_sctp.c sctp_new Function Unknown Chu...

Internal Sources (Detail)

Source: Url
BID: http://www.securityfocus.com/bid/24376
CONFIRM: http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
CONFIRM: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
DEBIAN: http://www.debian.org/security/2007/dsa-1356
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
MLIST: http://marc.info/?l=linux-kernel&m=118128610219959&w=2
MLIST: http://marc.info/?l=linux-kernel&m=118128622431272&w=2
OSVDB: http://osvdb.org/37112
REDHAT: http://rhn.redhat.com/errata/RHSA-2007-0488.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2007-0705.html
SECUNIA: http://secunia.com/advisories/25838
SECUNIA: http://secunia.com/advisories/25961
SECUNIA: http://secunia.com/advisories/26133
SECUNIA: http://secunia.com/advisories/26139
SECUNIA: http://secunia.com/advisories/26289
SECUNIA: http://secunia.com/advisories/26450
SECUNIA: http://secunia.com/advisories/26620
SECUNIA: http://secunia.com/advisories/26664
SECUNIA: http://secunia.com/advisories/26760
SECUNIA: http://secunia.com/advisories/27227
SUSE: http://www.novell.com/linux/security/advisories/2007_43_kernel.html
SUSE: http://www.novell.com/linux/security/advisories/2007_51_kernel.html
SUSE: http://www.novell.com/linux/security/advisories/2007_53_kernel.html
UBUNTU: http://www.ubuntu.com/usn/usn-486-1
UBUNTU: http://www.ubuntu.com/usn/usn-489-1
UBUNTU: http://www.ubuntu.com/usn/usn-510-1
VUPEN: http://www.vupen.com/english/advisories/2007/2105
XF: http://xforce.iss.net/xforce/xfdb/34777

Alert History

Date: Information
2013-05-11 10:27:03: Multiple Updates
2012-11-07 00:15:24: Multiple Updates