General Discussion Cve-2009-0065

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 4 replies
Subscribers 3 subscribers
Views 1541 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cve-2009-0065

tonkun over 16 years ago

Hi, Does the following vulnerabilities effect Astaro version 7.306?

Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability

Regards,tonkun

This thread was automatically locked due to age.

Parents

0 SvenW over 16 years ago

Our kernels are compiled without SCTP support at this time,
there is no risk for CVE-2009-0065.

Best regards
Sven Wurth

-------------------------------------------------------
Sven Wurth
Security Software Researcher
key-fp: 3194 3CC7 A2BC 4B4D 9976 6C20 90E5 6A53 AF6B
-------------------------------------------------------
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 16 years ago in reply to SvenW

What about protecting servers behind Astaro?

Since SCTP is a unique protocol, I'm assuming by default, Astaro would drop any inbound SCTP packets, right?

Thanks,
Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 AlanT_01 over 16 years ago in reply to BarryG

Correct, Barry.
Astaro could forward SCTP traffic, but this would require creating a new protocol srevice definition, and NAT/packetfilter rules to allow it. By default it will be dropped.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 AlanT_01 over 16 years ago in reply to BarryG

Correct, Barry.
Astaro could forward SCTP traffic, but this would require creating a new protocol srevice definition, and NAT/packetfilter rules to allow it. By default it will be dropped.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data