Test Kennung:	1.3.6.1.4.1.25623.1.0.55976
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2005-0070 (kernel, perl)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2005-0070. kernel < TSL 3.0 > - New Upstream. - SECURITY Fix: Memory leak in the VFS file lease handling in locks.c allows local users to cause a denial of service via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function. - The auto-reap of child processes in Linux kernel 2.6 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash). - The time_out_leases function in locks.c allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-3807, CVE-2005-3784 and CVE-2005-3857 to these issues. perl < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - SECURITY Fix: Integer overflow in the format string functionality (Perl_sv_vcatpvfn) allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3962 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0070 Risk factor : Medium CVSS Score: 4.9
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3807 BugTraq ID: 15745 http://www.securityfocus.com/bid/15745 http://www.securityfocus.com/archive/1/427981/100/0/threaded http://marc.info/?l=linux-kernel&m=113190437101622&w=2 http://secunia.com/advisories/17917 http://secunia.com/advisories/17918 http://secunia.com/advisories/18203 SuSE Security Announcement: SUSE-SA:2005:067 (Google Search) http://www.securityfocus.com/advisories/9806 SuSE Security Announcement: SUSE-SA:2005:068 (Google Search) http://www.securityfocus.com/archive/1/419522/100/0/threaded http://www.trustix.org/errata/2005/0070 http://www.ubuntulinux.org/usn/usn-231-1 Common Vulnerability Exposure (CVE) ID: CVE-2005-3784 BugTraq ID: 15625 http://www.securityfocus.com/bid/15625 Bugtraq: 20060706 Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/439623/100/100/threaded Debian Security Information: DSA-1017 (Google Search) http://www.debian.org/security/2006/dsa-1017 http://www.mandriva.com/security/advisories?name=MDKSA-2006:018 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174078 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9080 http://www.redhat.com/support/errata/RHSA-2006-0101.html http://secunia.com/advisories/17786 http://secunia.com/advisories/17787 http://secunia.com/advisories/18510 http://secunia.com/advisories/19374 https://usn.ubuntu.com/231-1/ http://www.vupen.com/english/advisories/2005/2649 Common Vulnerability Exposure (CVE) ID: CVE-2005-3857 BugTraq ID: 15627 http://www.securityfocus.com/bid/15627 Debian Security Information: DSA-1018 (Google Search) http://www.debian.org/security/2006/dsa-1018 http://www.securityfocus.com/archive/1/428028/100/0/threaded http://www.securityfocus.com/archive/1/428058/100/0/threaded http://www.mandriva.com/security/advisories?name=MDKSA-2006:072 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174337 http://marc.info/?l=linux-kernel&m=113175851920568&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9727 http://www.redhat.com/support/errata/RHSA-2006-0140.html http://secunia.com/advisories/18562 http://secunia.com/advisories/19369 http://secunia.com/advisories/19607 SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U Common Vulnerability Exposure (CVE) ID: CVE-2005-3962 102192 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102192-1 15629 http://www.securityfocus.com/bid/15629 17762 http://secunia.com/advisories/17762 17802 http://secunia.com/advisories/17802 17844 http://secunia.com/advisories/17844 17941 http://secunia.com/advisories/17941 17952 http://secunia.com/advisories/17952 17993 http://secunia.com/advisories/17993 18075 http://secunia.com/advisories/18075 18183 http://secunia.com/advisories/18183 18187 http://secunia.com/advisories/18187 18295 http://secunia.com/advisories/18295 18413 http://secunia.com/advisories/18413 18517 http://secunia.com/advisories/18517 19041 http://secunia.com/advisories/19041 20051201 Perl format string integer wrap vulnerability http://marc.info/?l=full-disclosure&m=113342788118630&w=2 http://www.securityfocus.com/archive/1/418333/100/0/threaded 20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U 20894 http://secunia.com/advisories/20894 21345 http://www.osvdb.org/21345 22255 http://www.osvdb.org/22255 23155 http://secunia.com/advisories/23155 31208 http://secunia.com/advisories/31208 ADV-2005-2688 http://www.vupen.com/english/advisories/2005/2688 ADV-2006-0771 http://www.vupen.com/english/advisories/2006/0771 ADV-2006-2613 http://www.vupen.com/english/advisories/2006/2613 ADV-2006-4750 http://www.vupen.com/english/advisories/2006/4750 APPLE-SA-2006-11-28 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html CLSA-2006:1056 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056 DSA-943 http://www.debian.org/security/2006/dsa-943 FLSA-2006:176731 https://www.redhat.com/archives/fedora-legacy-announce/2006-February/msg00008.html GLSA-200512-01 http://www.gentoo.org/security/en/glsa/glsa-200512-01.xml HPSBTU02125 http://www.securityfocus.com/archive/1/438726/100/0/threaded MDKSA-2005:225 http://www.mandriva.com/security/advisories?name=MDKSA-2005:225 OpenPKG-SA-2005.025 http://www.openpkg.org/security/OpenPKG-SA-2005.025-perl.html RHSA-2005:880 http://www.redhat.com/support/errata/RHSA-2005-880.html RHSA-2005:881 http://www.redhat.com/support/errata/RHSA-2005-881.html SSRT061105 SUSE-SA:2005:071 http://www.novell.com/linux/security/advisories/2005_71_perl.html SUSE-SR:2005:029 http://www.novell.com/linux/security/advisories/2005_29_sr.html TA06-333A http://www.us-cert.gov/cas/techalerts/TA06-333A.html TSLSA-2005-0070 USN-222-1 https://usn.ubuntu.com/222-1/ VU#948385 http://www.kb.cert.org/vuls/id/948385 [3.7] 20060105 007: SECURITY FIX: January 5, 2006 http://www.openbsd.org/errata37.html#perl ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch http://docs.info.apple.com/article.html?artnum=304829 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.dyadsecurity.com/perl-0002.html http://www.ipcop.org/index.php?name=News&file=article&sid=41 oval:org.mitre.oval:def:10598 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10598 oval:org.mitre.oval:def:1074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1074
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.