English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.57036
Kategorie:Trustix Local Security Checks
Titel:Trustix Security Advisory TSLSA-2006-0037 (kernel, netpbm)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory TSLSA-2006-0037.

kernel < TSL 3.0 >
- New upstream.
- Module qlogicfc successfully replaced with qla2xxx.
- Added scsi_transport_spi to initrd module list.
- SECURITY FIX: A race condition error in the posix-cpu-timers.c
script that does not prevent another CPU from attaching the timer
to an exiting process, which could be exploited by attackers to
cause a denial of service.
- Flaw due to errors in powerpc/kernel/signal_32.c and
powerpc/kernel/signal_32.c, which could allow userspace to
provoke a machine check on 32-bit kernels.
- An infinite loop in netfilter/xt_sctp.c, which could be exploited
by attackers to exhaust all available memory resources, creating
a denial of service condition.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2006-2445, CVE-2006-2448 and
CVE-2006-3085 to this issue.

netpbm < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: A vulnerability has been reported in NetPBM, caused due
to an off-by-one boundary error within pamtofits. This can be
exploited to cause a single byte buffer overflow when processing
a specially crafted input file.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0037

Risk factor : High

CVSS Score:
7.8

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2006-2445
BugTraq ID: 18615
http://www.securityfocus.com/bid/18615
Bugtraq: 20060623 rPSA-2006-0110-1 kernel (Google Search)
http://www.securityfocus.com/archive/1/438168/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=30f1e3dd8c72abda343bcf415f7d8894a02b4290
http://marc.info/?l=linux-kernel&m=115015841413687
http://www.osvdb.org/26947
http://secunia.com/advisories/20703
http://secunia.com/advisories/20831
http://secunia.com/advisories/20991
http://secunia.com/advisories/21045
http://secunia.com/advisories/21179
SuSE Security Announcement: SUSE-SA:2006:042 (Google Search)
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
http://www.trustix.org/errata/2006/0037
http://www.ubuntu.com/usn/usn-311-1
http://www.vupen.com/english/advisories/2006/2451
XForce ISS Database: linux-runposixcputimers-dos(27380)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27380
Common Vulnerability Exposure (CVE) ID: CVE-2006-2448
18616
http://www.securityfocus.com/bid/18616
2006-0037
20060623 rPSA-2006-0110-1 kernel
20703
20831
20991
21179
21465
http://secunia.com/advisories/21465
21498
http://secunia.com/advisories/21498
22417
http://secunia.com/advisories/22417
ADV-2006-2451
RHSA-2006:0575
http://www.redhat.com/support/errata/RHSA-2006-0575.html
SUSE-SA:2006:042
SUSE-SA:2006:047
http://www.novell.com/linux/security/advisories/2006_47_kernel.html
USN-311-1
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c85d1f9d358b24c5b05c3a2783a78423775a080
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.21
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194215
oval:org.mitre.oval:def:10040
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10040
Common Vulnerability Exposure (CVE) ID: CVE-2006-3085
BugTraq ID: 18550
http://www.securityfocus.com/bid/18550
http://www.osvdb.org/26680
http://securitytracker.com/id?1016347
SuSE Security Announcement: SUSE-SA:2006:047 (Google Search)
XForce ISS Database: linux-xt-sctp-dos(27384)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27384
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.