NotCVE - vendor:"Lksctp" product:"Stream Control Transmission Protocol" version:"

2 results (0.004 seconds)

CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0

CVE-2006-2275

https://notcve.org/view.php?id=CVE-2006-2275

09 May 2006 — Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer." • http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5 • CWE-667: Improper Locking •

CVSS: 7.8EPSS: 6%CPEs: 1EXPL: 0

CVE-2006-2272

https://notcve.org/view.php?id=CVE-2006-2272

09 May 2006 — Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks. • http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0227.html •