nvd-json-data-feeds/CVE-2014/CVE-2014-01xx/CVE-2014-0101.json

{
  "id": "CVE-2014-0101",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2014-03-11T13:01:06.733",
  "lastModified": "2024-11-21T02:01:22.173",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n sctp_sf_do_5_1D_ce en net/sctp/sm_statefuns.c en el kernel de Linux hasta la versi\u00f3n 3.13.6 no valida ciertos campos auth_enable y auth_capable antes de hacer una llamada sctp_sf_authenticate, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda del sistema) a trav\u00e9s de un SCTP handshake con un fragmento INIT modificado y un fragmento AUTH manipulado anterior a un fragmento COOKIE_ECHO."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "baseScore": 7.8,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.6.24",
              "versionEndExcluding": "3.2.56",
              "matchCriteriaId": "A0E9005C-26CB-4056-8F6B-98C7FDF2F7B9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "3.3",
              "versionEndExcluding": "3.4.84",
              "matchCriteriaId": "2869AF87-7E94-4E08-8EF9-8C62F663EC82"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "3.5",
              "versionEndExcluding": "3.10.34",
              "matchCriteriaId": "67836467-8BEF-44A1-B031-98EFBA19F38C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "3.11",
              "versionEndExcluding": "3.12.15",
              "matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "3.13",
              "versionEndExcluding": "3.13.7",
              "matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "569964DA-31BE-4520-A66D-C3B09D557AB8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "F876CB01-E4E3-461B-BF67-F993D3C058B9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.3.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "AF513AF7-A3D9-46E0-BDCF-A4C9F6DDE83E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "A0D2EAFC-436A-4553-B688-268EF5610499"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.4.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "91D62DE9-6693-474F-A2F4-9F53A06F5663"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "AA78FF31-4D4A-402D-9C3C-61DC9B14A790"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.3.0",
              "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.1.0",
              "versionEndIncluding": "2.3.0",
              "matchCriteriaId": "980317BB-165F-4804-926E-9973BC16E28A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_enterprise_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "3.0.0",
              "versionEndIncluding": "3.1.1",
              "matchCriteriaId": "23AEA33F-71CC-473F-86A4-C120532928DE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "EEE25317-09BF-46D2-934B-2D05B1390EFA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "D2CBEB8A-617C-470F-BF49-10BE16FBFA97"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "4C8165D3-9160-4947-B1DF-226698B39E90"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.3.0",
              "versionEndIncluding": "11.5.3",
              "matchCriteriaId": "A63021EE-71D7-4CB3-AEDD-90A890FD5959"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.4.1",
              "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.3.0",
              "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.1.0",
              "versionEndIncluding": "11.3.0",
              "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-iq_adc:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9768142-C554-44DE-B8D5-45CB51E3C34C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.0.0",
              "versionEndIncluding": "4.5.0",
              "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.2.0",
              "versionEndIncluding": "4.5.0",
              "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.0.0",
              "versionEndIncluding": "4.5.0",
              "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729",
      "source": "secalert@redhat.com"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/59216",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6",
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/65943",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/USN-2173-1",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/USN-2174-1",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705",
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729",
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec0223ec48a90cb605244b45f7c62de856403729",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0419.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0432.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://secunia.com/advisories/59216",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15317.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2014/03/04/6",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/65943",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/USN-2173-1",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/USN-2174-1",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1070705",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/torvalds/linux/commit/ec0223ec48a90cb605244b45f7c62de856403729",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    }
  ]
}