Linux SCTP ICMP Packet Handling Null Dereference Remote DoS

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

It is possible to crash the remote host by sending it malformed ICMP
packets.

Description :

Linux kernels older than version 2.6.13 contain a bug that may allow
an attacker to cause a NULL pointer dereference by sending malformed
ICMP packets, thus resulting in a kernel panic.

This flaw is present only if SCTP support is enabled on the remote
host.

An attacker can use this to make this host crash continuously, thus
preventing legitimate users from using it.

See also :

http://oss.sgi.com/projects/netdev/archive/2005-07/msg00140.html

Solution :

Ugprade to Linux 2.6.13 or newer, or disable SCTP support.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Denial of Service

Nessus Plugin ID: 19777 (linux_icmp_sctp_DoS.nasl)

Bugtraq ID:

CVE ID:

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial