Linux SCTP Functionality Multiple Remote DoS

High Nessus Plugin ID 21333


It is possible to crash the remote host by sending it a malformed SCTP packet.


There is a flaw in the Linux kernel on the remote host that causes a kernel panic when it receives an SCTP packet with a chunk data packet of length 0. An attacker can leverage this flaw to crash the remote host. Additionally, other types of crafted packets can cause a remote denial of service in various SCTP-related functions.

Note that successful exploitation of this issue requires that the kernel support SCTP protocol connection tracking.


Upgrade to Linux kernel / or later.

Plugin Details

Severity: High

ID: 21333

File Name: linux_sctp_chunk_header_dos.nasl

Version: $Revision: 1.24 $

Type: remote

Published: 2006/05/09

Modified: 2014/05/26

Dependencies: 11936

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:linux:kernel

Required KB Items: Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2006/05/02

Reference Information

CVE: CVE-2006-1527, CVE-2006-2934, CVE-2006-3085

BID: 17806, 18550, 18755

OSVDB: 25229, 26680, 26963