Family: Denial of Service --> Category: kill_host
Malformed ICMP Packets May Cause a Denial of Service (SCTP) Vulnerability Scan
Vulnerability Scan Summary
Kills the remote Linux with a bad ICMP packet
Detailed Explanation for this Vulnerability Test
It is possible to crash the remote host by sending it malformed ICMP packets.
Linux Kernels older than version 2.6.13 contains a bug which may allow an
attacker to cause a NULL pointer dereference by sending malformed ICMP packets,
thus resulting in a kernel panic.
This flaw is present only if SCTP support is enabled on the remote host.
A possible hacker to make this host crash continuously, thus preventing legitimate
users from using it.
See also :
Ugprade to Linux 2.6.13 or newer, or disable SCTP support.
Medium / CVSS Base Score : 5
Click HERE for more information and discussions on this network vulnerability scan.