Vulnerability CVE-2006-2934

Vulnerability Name:

CVE-2006-2934 (CCN-31547)

Assigned:

2006-06-30

Published:

2006-06-30

Updated:

2023-02-13

Summary:

SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.

CVSS v3 Severity:

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2006-2934

Source: CCN
Type: The Linux Kernel Archives Web site
ChangeLog-2.6.17.3

Source: CCN
Type: RHSA-2006-0575
Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4

Source: CCN
Type: SA20917
Linux Kernel SCTP Denial of Service Vulnerability

Source: CCN
Type: SA22417
Avaya Products Linux Kernel Multiple Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: ASA-2006-200
Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4 (RHSA-2006-0575)

Source: CCN
Type: US-CERT VU#717844
Linux kernel fails to properly handle malformed SCTP packets

Source: secalert@redhat.com
Type: US Government Resource
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: The Linux Kernel Archives
ChangeLog-2.6.16.23

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: OSVDB ID: 26963
Linux Kernel SCTP conntrack Chunkless Packet Remote DoS

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-18755
Linux Kernel Netfilter Conntrack_Proto_SCTP.C Denial of Service Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: USN-331-1
Linux kernel vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: USN-346-1
Linux kernel vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: USN-346-2
Fixed linux-restricted-modules-2.6.15 for previous Linux kernel update

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: XF
Type: UNKNOWN
netfilter-conntrack-dos(31547)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: SUSE
Type: SUSE-SA:2006:042
kernel local privilege escalation

Source: SUSE
Type: SUSE-SA:2006:047
kernel security problems

Source: CCN
Type: IBM Systems Support Web site
Support for HMC

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.17:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*

AND

cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20062934	V	CVE-2006-2934	2017-09-27
oval:org.mitre.oval:def:10932	V	SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.	2013-04-29
oval:com.redhat.rhsa:def:20060575	P	RHSA-2006:0575: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4 (Important)	2008-03-20

BACK