Vulnerabilities > CVE-2012-3549 - Remote Denial of Service vulnerability in Freebsd 8.2

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

freebsd

exploit available

NVD

Published: 2012-10-09

Updated: 2013-01-30

Summary

The SCTP implementation in FreeBSD 8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted ASCONF chunk. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 8.2	1

Exploit-Db

description	FreeBSD Kernel SCTP Remote NULL Ptr Dereference DoS. CVE-2012-3549. Dos exploit for freebsd platform
file	exploits/freebsd/dos/20226.c
id	EDB-ID:20226
last seen	2016-02-02
modified	2012-08-03
platform	freebsd
port
published	2012-08-03
reporter	Shaun Colley
source	https://www.exploit-db.com/download/20226/
title	FreeBSD Kernel SCTP Remote NULL Ptr Dereference DoS
type	dos

Summary

Vulnerable Configurations

Exploit-Db

References