CVE-2012-3549

Published: 09/10/2012 Updated: 30/01/2013
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The SCTP implementation in FreeBSD 8.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted ASCONF chunk.

Vulnerable Product

freebsd freebsd 8.2

Vendor Advisories

Debian Bug report logs - #686961
CVE-2012-3549: kfreebsd SCTP DoS
Package: kfreebsd-8; Maintainer for kfreebsd-8 is (unknown); Reported by: Raphael Geissert <geissert@debian.org>
Date: Fri, 7 Sep 2012 17:21:02 UTC
Severity: grave
Tags: confirmed, fixed-upstream, security
Found in versions kfreebsd-8/83-4, 82-15~bpo60+1 ...

Exploits

/*
 * FreeBSD kernel SCTP (latest release) remote NULL ptr dereference DoS
 *
 * by Shaun Colley <scolley@ioactive.com>, 2 Aug 2012
 *
 * The SCTP implementation used by FreeBSD ("reference implementation") is vulnerable to a remote
 * NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is
 * made ...