The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 up to and including 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading packet data in INIT-ACK chunks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 9.2 |
||
freebsd freebsd 8.3 |
||
freebsd freebsd 9.0 |
||
freebsd freebsd 9.1 |