Test Kennung:	1.3.6.1.4.1.25623.1.0.53011
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2005:420
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2005:420. The Linux kernel handles the basic functions of the operating system. This is the first regular kernel update to Red Hat Enterprise Linux 4. A flaw affecting the auditing code was discovered. On Itanium architectures a local user could use this flaw to cause a denial of service (crash). This issue is rated as having important security impact (CVE-2005-0136). A flaw was discovered in the servicing of a raw device ioctl. A local user who has access to raw devices could use this flaw to write to kernel memory and cause a denial of service or potentially gain privileges. This issue is rated as having moderate security impact (CVE-2005-1264). A number of other bugfixes and improvements have been made. Please visit the referenced security advisory for a more detailed description. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-420.html Risk factor : High CVSS Score: 7.2
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0136 http://openvz.org/news/updates/kernel-022stab045.1-released https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148862 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=155283 http://lists.alioth.debian.org/pipermail/kernel-svn-changes/2005-August/002597.html http://www.gelato.unsw.edu.au/archives/linux-ia64/0409/11073.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11628 http://www.redhat.com/support/errata/RHSA-2005-420.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://secunia.com/advisories/17002 http://www.vupen.com/english/advisories/2005/1878 Common Vulnerability Exposure (CVE) ID: CVE-2005-1264 13651 http://www.securityfocus.com/bid/13651 20050516 Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0045.html 20050517 Re: Linux kernel pktcdvd and rawdevice ioctl break user space limit vulnerability http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0046.html ADV-2005-0557 http://www.vupen.com/english/advisories/2005/0557 FLSA:157459-3 http://www.securityfocus.com/archive/1/427980/100/0/threaded RHSA-2005:420 [linux-kernel] 20050517 [PATCH] Fix root hole in raw device http://marc.info/?l=linux-kernel&m=111630512512222 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.10 oval:org.mitre.oval:def:10264 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10264 Common Vulnerability Exposure (CVE) ID: CVE-2005-1263 13589 http://www.securityfocus.com/bid/13589 19185 http://secunia.com/advisories/19185 19607 http://secunia.com/advisories/19607 20050511 Linux kernel ELF core dump privilege elevation http://www.securityfocus.com/archive/1/397966 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U ADV-2005-0524 http://www.vupen.com/english/advisories/2005/0524 FLSA:157459-1 http://www.securityfocus.com/archive/1/428028/100/0/threaded FLSA:157459-2 http://www.securityfocus.com/archive/1/428058/100/0/threaded RHSA-2005:472 http://www.redhat.com/support/errata/RHSA-2005-472.html RHSA-2005:529 http://www.redhat.com/support/errata/RHSA-2005-529.html RHSA-2005:551 http://www.redhat.com/support/errata/RHSA-2005-551.html http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt oval:org.mitre.oval:def:10909 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10909 oval:org.mitre.oval:def:1122 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1122
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.