[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: FreeBSD SCTP remote DoS
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2012-08-29 18:28:33
Message-ID: 503E5F51.2080808 () redhat ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/28/2012 01:39 PM, Raphael Geissert wrote:
> On Tuesday 28 August 2012 03:50:41 Simon L. B. Nielsen wrote:
>> On Tue, Aug 28, 2012 at 7:25 AM, Raphael Geissert
>> <geissert@debian.org>
> wrote:
>>> There appears to be a remote DoS (via a NULL pointer
>>> dereference in the kernel) vulnerability in FreeBSD's SCTP
>>> implementation[1].
>>>
>>> Has a CVE id been assigned to it already?
>>>
>>> [1]http://www.exploit-db.com/exploits/20226/
>>
>> I don't think have one gotten assigned, but probably should.
>> Probably best to go to Mitre to make sure we don't accidentally
>> get a duplicate. Feel free to requeste one, or I can do it later.
>> Please cc: secteam@freebsd.org on any request to minimize risk of
>> confusion.
>
> Kurt, could you please assign one?
>
> Thanks in advance.
>
> Kind regards,
Sorry thought this was going to mitre, had to make sure they didn't
assign one yet.
Please use CVE-2012-3549 for this issue.
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQIcBAEBAgAGBQJQPl9RAAoJEBYNRVNeJnmTs7YP/3g+fl8JXye6WO1l5fP+nWnq
y5DCW/QPKyrDjCIBZaMkdwSJoULWmoZTYg60atYyvmYIIOIJ0rny0JRVmJzFbTni
lz0rOQFZz4W1X0AJicHx2B08ItB2Gpza1kMW0YlTH3fL5Mm+mt1e87r6/GSxgNHr
JvA5Dw/3FF8p4MnRsDyDhgWicHUFi5Ir42q3vWk/EUqGvx9g4lHZrDQ9Be0yAP/4
ebQt3w6/wnMgEL4FS15f5KswZKZ3lesFgNTY8I2xPv0GqUHryyf3I3VSdACB/kqm
L/I0KOADP1yTL3eViIs7Jn6kuUYo74K9PDXT6SI0mkkJPXkbEUpquh8rtdkXxN6l
samtvfNCFaGbgStXO4F3SEMBaojkgnWp9/KkdfaQV/VPOG+rUVR/yX7YRuDDcpU9
eeeuJuumzMXbqrYBmt1oh5SYefxD/2MRRjb56VkP6MncbKMCIsAz+vFGCXrpO9a3
4dzDZ/wxV93tSP48SQzvEhQCIyuFZqfahyKgDx5u1D0H5asY2qLEHeo8ZFQsGMlP
gmLejzhlZterpdFRB/++zmwkst58Wyj1PtEhsOpYooRHSeUv8WBmJCHJLFzV/3nA
3Rm+uhw1D/MNUnNigYh/8IsLanidOkLvIOGrKhVv2UyiwuJ0U3hA4aXGbgxXr+aj
1l1yZmn1KTLlP3kpT6Fo
=WlKT
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic