Test Kennung:	1.3.6.1.4.1.25623.1.0.60322
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2008:043 (kernel)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to kernel announced via advisory MDVSA-2008:043. A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges. Mandriva urges all users to upgrade to these new kernels immediately as this flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate Affected: 2007.0, 2007.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:043 Risk factor : High CVSS Score: 7.2
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0600 1019393 http://securitytracker.com/id?1019393 20080212 rPSA-2008-0052-1 kernel http://www.securityfocus.com/archive/1/488009/100/0/threaded 27704 http://www.securityfocus.com/bid/27704 27801 http://www.securityfocus.com/bid/27801 28835 http://secunia.com/advisories/28835 28858 http://secunia.com/advisories/28858 28875 http://secunia.com/advisories/28875 28889 http://secunia.com/advisories/28889 28896 http://secunia.com/advisories/28896 28912 http://secunia.com/advisories/28912 28925 http://secunia.com/advisories/28925 28933 http://secunia.com/advisories/28933 28937 http://secunia.com/advisories/28937 29245 http://secunia.com/advisories/29245 30818 http://secunia.com/advisories/30818 5092 https://www.exploit-db.com/exploits/5092 ADV-2008-0487 http://www.vupen.com/english/advisories/2008/0487/references DSA-1494 http://www.debian.org/security/2008/dsa-1494 FEDORA-2008-1422 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html FEDORA-2008-1423 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html FEDORA-2008-1433 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html FEDORA-2008-1629 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html MDVSA-2008:043 http://www.mandriva.com/security/advisories?name=MDVSA-2008:043 MDVSA-2008:044 http://www.mandriva.com/security/advisories?name=MDVSA-2008:044 RHSA-2008:0129 http://www.redhat.com/support/errata/RHSA-2008-0129.html SUSE-SA:2008:007 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html SUSE-SA:2008:013 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html SUSE-SA:2008:030 http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html USN-577-1 http://www.ubuntu.com/usn/usn-577-1 [linux-kernel] 20080210 Re: [PATCH] kernel 2.6.24.1 still vulnerable to the vmsplice local root exploit http://marc.info/?l=linux-kernel&m=120263652322197&w=2 http://marc.info/?l=linux-kernel&m=120264520431307&w=2 http://marc.info/?l=linux-kernel&m=120264773202422&w=2 http://marc.info/?l=linux-kernel&m=120266328220808&w=2 http://marc.info/?l=linux-kernel&m=120266353621139&w=2 http://wiki.rpath.com/Advisories:rPSA-2008-0052 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052 https://bugzilla.redhat.com/show_bug.cgi?id=432229 https://bugzilla.redhat.com/show_bug.cgi?id=432517 https://issues.rpath.com/browse/RPL-2237 oval:org.mitre.oval:def:11358 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.