Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2008-4445

Disclosure Date: October 06, 2008
CVE-2008-4445
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

References

Canonical
CVE-2008-4445 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4445)
BID-31121 (http://www.securityfocus.com/bid/31121)
Advisory
SECUNIA-32190 (http://secunia.com/advisories/32190)
DSA-1655 (http://www.debian.org/security/2008/dsa-1655)
SECUNIA-32393 (http://secunia.com/advisories/32393)
[oss-security] 20080929 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option (http://www.openwall.com/lists/oss-security/2008/09/29/4)
http://www.mandriva.com/security/advisories?name=MDVSA-2008:223
USN-659-1 (http://www.ubuntu.com/usn/usn-659-1)
http://git.kernel.org?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commit;h=d97240552cd98c4b07322f30f66fd9c3ba4171de
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html
http://www.redhat.com/support/errata/RHSA-2008-0857.html
SECTRACK-1021001 (http://www.securitytracker.com/id?1021001)
[linux-sctp] 20080827 [PATCH 0/2] sctp: additional overflow fixes (http://marc.info?l=linux-sctp&m=121986743009093&w=2)
[oss-security] 20080925 CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option (http://www.openwall.com/lists/oss-security/2008/09/24/9)
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4
[oss-security] 20080927 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option (http://www.openwall.com/lists/oss-security/2008/09/27/1)
[linux-sctp] 20080827 [PATCH 2/2] sctp: fix random memory dereference with SCTP_HMAC_IDENT option. (http://marc.info?l=linux-sctp&m=121986743209110&w=2)
SECUNIA-32315 (http://secunia.com/advisories/32315)
[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option (http://www.openwall.com/lists/oss-security/2008/09/26/6)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis