Test ID: 1.3.6.1.4.1.25623.1.0.60697
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2008:0055
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2008:0055.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated kernel packages fix the following security issues:

A flaw was found in the virtual filesystem (VFS). A local unprivileged
user could truncate directories to which they had write permission;
this could render the contents of the directory inaccessible.
(CVE-2008-0001, Important)

A flaw was found in the implementation of ptrace. A local unprivileged user
could trigger this flaw and possibly cause a denial of service (system
hang). (CVE-2007-5500, Important)

A flaw was found in the way the Red Hat Enterprise Linux 4 kernel handled
page faults when a CPU used the NUMA method for accessing memory on Itanium
architectures. A local unprivileged user could trigger this flaw and cause
a denial of service (system panic). (CVE-2007-4130, Important)

A possible NULL pointer dereference was found in the chrp_show_cpuinfo
function when using the PowerPC architecture. This may have allowed a local
unprivileged user to cause a denial of service (crash).
(CVE-2007-6694, Moderate)

A flaw was found in the way core dump files were created. If a local user
can get a root-owned process to dump a core file into a directory, which
the user has write access to, they could gain read access to that core
file. This could potentially grant unauthorized access to sensitive
information. (CVE-2007-6206, Moderate)

Two buffer overflow flaws were found in the Linux kernel ISDN subsystem. A
local unprivileged user could use these flaws to cause a denial of
service. (CVE-2007-6063, CVE-2007-6151, Moderate)

As well, these updated packages fix the following bug:

* when moving volumes that contain multiple segments, and a mirror segment
is not the first in the mapping table, running the
"pvmove /dev/[device] /dev/[device]" command caused a kernel panic. A
"kernel: Unable to handle kernel paging request at virtual address
[address]" error was logged by syslog.

Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0055.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score: 7.8

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2007-4130
27556
http://www.securityfocus.com/bid/27556
28748
http://secunia.com/advisories/28748
RHSA-2008:0055
http://rhn.redhat.com/errata/RHSA-2008-0055.html
https://bugzilla.redhat.com/show_bug.cgi?id=179665
oval:org.mitre.oval:def:11437
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11437
Common Vulnerability Exposure (CVE) ID: CVE-2007-5500
26477
http://www.securityfocus.com/bid/26477
27664
http://secunia.com/advisories/27664
27703
http://secunia.com/advisories/27703
27888
http://secunia.com/advisories/27888
27919
http://secunia.com/advisories/27919
27922
http://secunia.com/advisories/27922
28033
http://secunia.com/advisories/28033
28170
http://secunia.com/advisories/28170
28706
http://secunia.com/advisories/28706
28971
http://secunia.com/advisories/28971
29245
http://secunia.com/advisories/29245
30818
http://secunia.com/advisories/30818
30962
http://secunia.com/advisories/30962
ADV-2007-3902
http://www.vupen.com/english/advisories/2007/3902
DSA-1428
http://www.debian.org/security/2007/dsa-1428
FEDORA-2007-3751
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00170.html
FEDORA-2007-3837
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00032.html
FEDORA-2007-759
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00302.html
MDVSA-2008:008
http://www.mandriva.com/security/advisories?name=MDVSA-2008:008
MDVSA-2008:044
http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
MDVSA-2008:112
http://www.mandriva.com/security/advisories?name=MDVSA-2008:112
SUSE-SA:2007:063
http://www.novell.com/linux/security/advisories/2007_63_kernel.html
SUSE-SA:2008:013
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html
SUSE-SA:2008:030
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
SUSE-SA:2008:032
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
USN-558-1
http://www.ubuntu.com/usn/usn-558-1
USN-574-1
http://www.ubuntu.com/usn/usn-574-1
USN-578-1
http://www.ubuntu.com/usn/usn-578-1
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git%3Ba=commitdiff%3Bh=36ef66c5d137b9a31fd8c35d236fb9e26ef74f97
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8
https://issues.rpath.com/browse/RPL-1965
linux-kernel-waittaskstopped-dos(38547)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38547
oval:org.mitre.oval:def:9868
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9868
Common Vulnerability Exposure (CVE) ID: CVE-2007-6063
BugTraq ID: 26605
http://www.securityfocus.com/bid/26605
Debian Security Information: DSA-1436
http://www.debian.org/security/2007/dsa-1436
Debian Security Information: DSA-1503
http://www.debian.org/security/2008/dsa-1503
Debian Security Information: DSA-1504
http://www.debian.org/security/2008/dsa-1504
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6514
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9846
RedHat Security Advisories: RHSA-2008:0055
http://www.redhat.com/support/errata/RHSA-2008-0154.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
http://www.redhat.com/support/errata/RHSA-2008-0973.html
http://secunia.com/advisories/27842
http://secunia.com/advisories/27912
http://secunia.com/advisories/28141
http://secunia.com/advisories/28806
http://secunia.com/advisories/29058
http://secunia.com/advisories/29236
http://secunia.com/advisories/33201
http://secunia.com/advisories/33280
SuSE Security Announcement: SUSE-SA:2007:064
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
SuSE Security Announcement: SUSE-SA:2008:006
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://www.vupen.com/english/advisories/2007/4046
Common Vulnerability Exposure (CVE) ID: CVE-2007-6151
BugTraq ID: 27497
http://www.securityfocus.com/bid/27497
Debian Security Information: DSA-1479
http://www.debian.org/security/2008/dsa-1479
http://www.mandriva.com/security/advisories?name=MDVSA-2008:086
http://lists.vmware.com/pipermail/security-announce/2008/000023.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10971
http://www.redhat.com/support/errata/RHSA-2008-0211.html
http://secunia.com/advisories/28626
http://secunia.com/advisories/28889
http://secunia.com/advisories/29570
http://secunia.com/advisories/30110
http://secunia.com/advisories/31246
SuSE Security Announcement: SUSE-SA:2008:007
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html
SuSE Security Announcement: SUSE-SA:2008:017
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html
SuSE Security Announcement: SUSE-SA:2008:032
http://www.vupen.com/english/advisories/2008/2222/references
Common Vulnerability Exposure (CVE) ID: CVE-2007-6206
BugTraq ID: 26701
http://www.securityfocus.com/bid/26701
Bugtraq: 20080208 rPSA-2008-0048-1 kernel
http://www.securityfocus.com/archive/1/487808/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10719
http://www.redhat.com/support/errata/RHSA-2008-0089.html
http://secunia.com/advisories/27908
http://secunia.com/advisories/28643
http://secunia.com/advisories/28826
SuSE Security Announcement: SUSE-SA:2008:030
http://www.vupen.com/english/advisories/2007/4090
XForce ISS Database: kernel-core-dump-information-disclosure(38841)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38841
Common Vulnerability Exposure (CVE) ID: CVE-2007-6694
BugTraq ID: 27555
http://www.securityfocus.com/bid/27555
Debian Security Information: DSA-1565
http://www.debian.org/security/2008/dsa-1565
http://marc.info/?l=linux-kernel&m=119576191029571&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11215
http://secunia.com/advisories/28696
http://secunia.com/advisories/30018
http://secunia.com/advisories/30515
http://secunia.com/advisories/30769
https://usn.ubuntu.com/614-1/
http://www.ubuntu.com/usn/usn-618-1
http://www.vupen.com/english/advisories/2008/0380
Common Vulnerability Exposure (CVE) ID: CVE-2008-0001
1019289
http://securitytracker.com/id?1019289
20080117 rPSA-2008-0021-1 kernel
http://www.securityfocus.com/archive/1/486485/100/0/threaded
27280
http://www.securityfocus.com/bid/27280
28485
http://secunia.com/advisories/28485
28558
http://secunia.com/advisories/28558
28626
28628
http://secunia.com/advisories/28628
28643
28664
http://secunia.com/advisories/28664
28806
ADV-2008-0151
http://www.vupen.com/english/advisories/2008/0151
DSA-1479
FEDORA-2008-0748
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00828.html
RHSA-2008:0089
SUSE-SA:2008:006
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=974a9f0b47da74e28f68b9c8645c3786aa5ace1a
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.16
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0021
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.14
https://issues.rpath.com/browse/RPL-2146
linux-directory-security-bypass(39672)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39672
oval:org.mitre.oval:def:9709
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9709
Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
