Bugtraq: Re: [Full-Disclosure] Linux Kernel sctp

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: [Full-Disclosure] Linux Kernel sctp_setsockopt() Integer Overflow

From: Tom Rini <trini () kernel crashing org>
Date: Tue, 11 May 2004 15:05:15 -0700

On Tue, May 11, 2004 at 07:58:56PM +0100, Shaun Colley wrote:

~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

Product:      Linux Kernel
Versions:     <= 2.4.25


Strictly speaking, 2.4.23-pre5 until 2.4.26.

Bug:          Integer overflow
Impact:       Attackers may be able to execute
              arbitrary code with kernel-level
              privileges.
Risk:         High
Date:         May 11, 2004
Author:       Shaun Colley
              Email: shaunige yahoo co uk
              WWW: http://www.nettwerked.co.uk

[snip]

-- 
Tom Rini
http://gate.crashing.org/~trini/

By Date By Thread

Current thread:

Linux Kernel sctp_setsockopt() Integer Overflow Shaun Colley (May 11)
- Re: [Full-Disclosure] Linux Kernel sctp_setsockopt() Integer Overflow Tom Rini (May 12)
- Re: Linux Kernel sctp_setsockopt() Integer Overflow Michael Tokarev (May 15)
  - Re: Linux Kernel sctp_setsockopt() Integer Overflow Michael Tokarev (May 28)
    - Re: Linux Kernel sctp_setsockopt() Integer Overflow Jirka Kosina (May 31)
    - Re: Linux Kernel sctp_setsockopt() Integer Overflow Shaun Colley (May 31)