Test Kennung:	1.3.6.1.4.1.25623.1.0.123378
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2014-3048)
Zusammenfassung:	The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.36.4.el5uek, mlnx_en-2.6.32-400.36.4.el6uek, ofa-2.6.32-400.36.4.el5uek, ofa-2.6.32-400.36.4.el6uek' package(s) announced via the ELSA-2014-3048 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel-uek, mlnx_en-2.6.32-400.36.4.el5uek, mlnx_en-2.6.32-400.36.4.el6uek, ofa-2.6.32-400.36.4.el5uek, ofa-2.6.32-400.36.4.el6uek' package(s) announced via the ELSA-2014-3048 advisory. Vulnerability Insight: kernel-uek [2.6.32-400.36.4uek] - l2tp: fix an unprivileged user to kernel privilege escalation (Sasha Levin) [Orabug: 19229529] {CVE-2014-4943} {CVE-2014-4943} - ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) [Orabug: 19230692] {CVE-2014-4699} Affected Software/OS: 'kernel-uek, mlnx_en-2.6.32-400.36.4.el5uek, mlnx_en-2.6.32-400.36.4.el6uek, ofa-2.6.32-400.36.4.el5uek, ofa-2.6.32-400.36.4.el6uek' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-4699 Debian Security Information: DSA-2972 (Google Search) http://www.debian.org/security/2014/dsa-2972 http://www.exploit-db.com/exploits/34134 http://packetstormsecurity.com/files/127573/Linux-Kernel-ptrace-sysret-Local-Privilege-Escalation.html http://www.openwall.com/lists/oss-security/2014/07/04/4 http://openwall.com/lists/oss-security/2014/07/05/4 http://openwall.com/lists/oss-security/2014/07/08/16 http://openwall.com/lists/oss-security/2014/07/08/5 http://www.osvdb.org/108754 http://secunia.com/advisories/59633 http://secunia.com/advisories/59639 http://secunia.com/advisories/59654 http://secunia.com/advisories/60220 http://secunia.com/advisories/60380 http://secunia.com/advisories/60393 http://www.ubuntu.com/usn/USN-2266-1 http://www.ubuntu.com/usn/USN-2267-1 http://www.ubuntu.com/usn/USN-2268-1 http://www.ubuntu.com/usn/USN-2269-1 http://www.ubuntu.com/usn/USN-2270-1 http://www.ubuntu.com/usn/USN-2271-1 http://www.ubuntu.com/usn/USN-2272-1 http://www.ubuntu.com/usn/USN-2273-1 http://www.ubuntu.com/usn/USN-2274-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-4943 Debian Security Information: DSA-2992 (Google Search) http://www.debian.org/security/2014/dsa-2992 http://www.exploit-db.com/exploits/36267 http://openwall.com/lists/oss-security/2014/07/17/1 http://osvdb.org/show/osvdb/109277 RedHat Security Advisories: RHSA-2014:1025 http://rhn.redhat.com/errata/RHSA-2014-1025.html http://www.securitytracker.com/id/1030610 http://secunia.com/advisories/59790 http://secunia.com/advisories/60011 http://secunia.com/advisories/60071 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html XForce ISS Database: linux-kernel-cve20144943-priv-esc(94665) https://exchange.xforce.ibmcloud.com/vulnerabilities/94665
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.