Vulnerability & Exploit Database

Displaying all 4 entries

Results for: CVE-2008-3792 Back to search

SUSE Linux Security Advisory: SUSE-SA:2008:053 Vulnerability

  • Severity: 8
  • Published: October 20, 2008

The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sct...

USN-659-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 9
  • Published: September 10, 2008

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

RHSA-2008:0857: kernel security and bug fix update Vulnerability

  • Severity: 9
  • Published: September 10, 2008

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0. This update has been rated as having important security impact by the Red Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux operating system. A possible in...

SUSE Linux Security Vulnerability: CVE-2008-3792 Vulnerability

  • Severity: 7
  • Published: September 03, 2008

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in...