| Beschreibung: | Description:
The remote host is missing updates announced in
advisory TSLSA-2006-0004.
kernel < TSL 3.0 >
- SECURITY Fix: Missing validation of the nlmsg_len value in
netlink_rcv_skb() can cause an infinite loop which can be exploited
by local users to cause a DoS by setting the value to 0.
- An error in the PPTP NAT helper in the handling of inbound
PPTP_IN_CALL_REQUEST packets can cause an error in offset calculation.
This can be exploited to cause random memory corruption and can crash
the kernel.
- ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in
Linux kernel 2.6.14, and other versions, allows local users to cause a
denial of service via a crafted outbound packet that causes an incorrect
offset to be calculated from pointer arithmetic when non-linear SKBs
(socket buffers) are used.
- Stefan Rompf has reported a vulnerability caused due to the dm-crypt
driver failing to clear memory before freeing it. This can be exploited
by local users to obtain sensitive information.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-0035, CVE-2006-0036, CVE-2006-0037 and
CVE-2006-0095 to these issues.
openssh < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- SECURITY Fix: Josh Bressers has reported a weakness in OpenSSH
caused due to the insecure use of the system() function in
scp when performing copy operations using filenames that are
supplied by the user from the command line. This can be exploited
to execute shell commands with privileges of the user running scp.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-0225 to this issue.
Solution:
Update your system with the packages as indicated in
the referenced security advisory.
http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0004
Risk factor : High
CVSS Score:
7.8
|
