| Beschreibung: | Description:
The remote host is missing updates announced in
advisory TSLSA-2006-0030.
kernel < TSL 3.0 >
- New Upstream.
- SECURITY Fix: A race condition in the do_add_counters() function
in netfilter can be exploited by local users to read kernel memory
or cause the system to crash via a race condition that produces a
size value that is different from the size of the allocated memory.
- An input validation error in SCTP when processing a HB-ACK chunk
with a specially-crafted parameter length can be exploited to cause
out-of-bounds memory access. This can potentially cause the system
to crash.
- An error in SCTP chunk length calculation during parameter
processing can be exploited to cause out-of-bounds memory access.
This can potentially cause the system to crash.
- A vulnerability has been reported which is caused due to some errors
within the snmp_trap_decode() function when handling certain SNMP
packets. This can be exploited to cause memory corruption due to
incorrect freeing of memory, which can potentially cause the system
to crash.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-0039, CVE-2006-1857, CVE-2006-1858
and CVE-2006-2444 to these issue.
quagga < TSL 3.0 >
- New Upstream.
- SECURITY Fix: Konstantin V. Gavrilenko has reported two security
issues in Quagga, which can be exploited by malicious people to bypass
certain security restrictions and to disclose system information.
- An error in RIPd does not properly implement configurations that
1) disable RIPv1 or 2) require plaintext or MD5 authentication. This allows
remote attackers to obtain sensitive information via REQUEST packets
such as SEND UPDATE.
- An error in RIPd does not properly enforce RIPv2 authentication
requirements. This allows remote attackers to modify routing state via
RIPv1 RESPONSE packets.
- Fredrik Widell has reported a vulnerability in Quagga caused due to an
infinite loop error in bgpd within the community_str2com() function.
This can be exploited to cause the process to consume large amounts of
CPU resources by issuing the sh ip bgp command command via the telnet
management interface.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-2223, CVE-2006-2224 and CVE-2006-2276 to
these issues.
Solution:
Update your system with the packages as indicated in
the referenced security advisory.
http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0030
Risk factor : Critical
CVSS Score:
9.0
|
