CVE-2006-2271

Published May 9, 2006

Last updated 3 months ago

CVSS info 7.8

Overview

Description: The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.0_test1_0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A24A0C9A-0A44-4DA3-A462-92745D89387E"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.0_test4_0.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8710142-EFCF-470D-9AAE-9C95E3FCAB15"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.2_0.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7434FB8-8151-44BA-8C0B-768BC37A3F8F"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.3_1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BA61789-022B-4DB2-8E76-E1DCC1C4172E"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.6_1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD44118C-EF65-417C-B92E-04406F685AD7"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.10_1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "281DE0AF-101D-4E77-9BAE-1F43138C2E58"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.13_1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E779FA87-52AE-4BF8-ADD1-2C708C1CFA57"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.14_1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C341129C-68F2-49D0-A9CD-E62C51CF8A22"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.15_1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C90E1ED1-AF36-40EC-BDF2-60948C6FD020"
          },
          {
            "criteria": "cpe:2.3:a:lksctp:lksctp:2.6.16_1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D02F4DA5-013E-4BB4-9640-02BFBDC0FA74"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References