Oval Definition:oval:com.ubuntu.trusty:def:20134350000
Revision Date:2013-09-25Version:1
Title:CVE-2013-4350 on Ubuntu 14.04 LTS (trusty) - low.
Description:The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the network. Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this flaw to obtain sensitive information by sniffing network traffic.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-4350
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'linux' package in trusty is not affected (note: '3.12.0-1.3').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed now end-of-life').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed now end-of-life').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'see note').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'see note').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed now end-of-life').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needed now end-of-life').
    • BACK