Vigil@nce - Linux kernel: bypassing SCTP Firewall rules
January 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When the Conntrack module was not loaded, an attacker can bypass
SCTP rules of the Linux kernel firewall.
Impacted products: Linux, netfilter
Severity: 2/4
Creation date: 14/01/2015
DESCRIPTION OF THE VULNERABILITY
The SCTP protocol is used to transport several message streams,
multiplexed over one connection.
The iptables firewall supports rules for the SCTP protocol.
However, if the SCTP Conntrack module is not loaded, all SCTP
streams are allowed.
When the Conntrack module was not loaded, an attacker can
therefore bypass SCTP rules of the Linux kernel firewall.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-bypassing-SCTP-Firewall-rules-15960