DOS: Linux Kernel COOKIE ECHO Denial-of-Service
This signature detects attempts to exploit a known vulnerability against Linux Kernel. A successful exploit can lead to remote denial of service.
Extended Description
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.
Affected Products
Linux linux_kernel
Short Name
DOS:LINUX-COOKIE-ECHO-DOS
Severity
Major
Recommended
False
Recommended Action
None
Category
DOS
Keywords
COOKIE CVE-2013-2206 CVE-2014-0101 Denial-of-Service ECHO Kernel Linux bid:65943
Release Date
08/24/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
Port
ip/132
False Positive
Unknown
Vendors
Linux
CVSS Score
5.4
7.8