Lucene search
Ubuntu.comUB:CVE-2013-5209HistoryAug 29, 2013 - 12:00 a.m.
CVE-2013-5209
2013-08-2900:00:00
ubuntu.com
ubuntu.com
13
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.003 Low
EPSS
Percentile
71.7%
The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the
SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE
does not properly initialize the state-cookie data structure, which allows
remote attackers to obtain sensitive information from kernel stack memory
by reading packet data in INIT-ACK chunks.
Bugs
Related
prion
prion
Stack overflow
2013-08-29 12:07:00
freebsd
freebsd
FreeBSD -- Kernel memory disclosure in sctp(4)
2013-08-22 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-13:10.sctp
2013-08-28 00:00:00
FreeBSD information leakage
2013-08-28 00:00:00
cvelist
cvelist
CVE-2013-5209
2013-08-29 10:00:00
nessus
nessus
debiancve
debiancve
CVE-2013-5209
2013-08-29 12:07:56
nvd
nvd
CVE-2013-5209
2013-08-29 12:07:56
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:10.sctp
2013-08-22 00:00:00
cve
cve
CVE-2013-5209
2013-08-29 12:07:56
osv
osv
kfreebsd-9 - several
2013-08-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2743-1)
2013-08-26 00:00:00
debian
debian
[SECURITY] [DSA 2743-1] kfreebsd-9 security update
2013-08-27 00:22:20
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
0.003 Low
EPSS
Percentile
71.7%
Related for UB:CVE-2013-5209