CVE-2006-2934

Published Jun 30, 2006

Last updated 3 months ago

CVSS info 5.0

Overview

Description: SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86E452E4-45A9-4469-BF69-F40B6598F0EA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5751AC4-A60F-42C6-88E5-FC8CFEE6F696"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "795C3B17-687E-4F33-AA99-8FEC16F14693"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B81A4DD-2ADE-4455-B517-5E4E0532D5A1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BD589CC-666B-4FAA-BCF0-91C484BDDB09"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CD622EE-A840-42E1-B6BF-4AA27D039B12"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "900D6742-DE0F-45C5-A812-BF84088CB02A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "225CA94C-8C84-4FA6-95D0-160A0016FBFF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D88ED3C4-64C5-44B2-9F23-E16087046C40"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03FB31E5-190C-489A-AB30-910D2CC854F2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF4A781A-4A41-466F-8426-10B40CF8BA1A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ED29B3F-456B-4767-8E59-8C19A3B7E1D8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6316369-B54A-4E59-A022-E0610353B284"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6555D45B-D3B3-4455-AB1E-E513F9FB6139"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References