English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.67321
Kategorie:Mandrake Local Security Checks
Titel:Mandriva Security Advisory MDVSA-2010:088 (kernel)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to kernel
announced via advisory MDVSA-2010:088.

Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:

The ATI Rage 128 (aka r128) driver in the Linux kernel before
2.6.31-git11 does not properly verify Concurrent Command Engine (CCE)
state initialization, which allows local users to cause a denial of
service (NULL pointer dereference and system crash) or possibly gain
privileges via unspecified ioctl calls. (CVE-2009-3620)

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always
follow NFS automount symlinks, which allows attackers to have an
unknown impact, related to LOOKUP_FOLLOW. (CVE-2010-1088)

The wake_futex_pi function in kernel/futex.c in the Linux kernel
before 2.6.33-rc7 does not properly handle certain unlock operations
for a Priority Inheritance (PI) futex, which allows local users to
cause a denial of service (OOPS) and possibly have unspecified other
impact via vectors involving modification of the futex value from
user space. (CVE-2010-0622)

drivers/connector/connector.c in the Linux kernel before 2.6.32.8
allows local users to cause a denial of service (memory consumption
and system crash) by sending the kernel many NETLINK_CONNECTOR
messages. (CVE-2010-0410)

The futex_lock_pi function in kernel/futex.c in the Linux kernel before
2.6.33-rc7 does not properly manage a certain reference count, which
allows local users to cause a denial of service (OOPS) via vectors
involving an unmount of an ext3 filesystem. (CVE-2010-0623)

Aditionally, the kernel was updated to the 2.6.31.13 stable release,
it was added support for Cirrus Logic CS420x HDA codec, Wacom driver
was updated to version 0.8.5-12 and there is a fix in the driver for
backlight on Eee PC 1201HA.

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Affected: 2010.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:088

Risk factor : High

CVSS Score:
5.4

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-3620
36707
http://secunia.com/advisories/36707
36824
http://www.securityfocus.com/bid/36824
37909
http://secunia.com/advisories/37909
38794
http://secunia.com/advisories/38794
38834
http://secunia.com/advisories/38834
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
FEDORA-2009-11038
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html
MDVSA-2010:088
http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
RHSA-2009:1540
https://rhn.redhat.com/errata/RHSA-2009-1540.html
RHSA-2009:1670
http://www.redhat.com/support/errata/RHSA-2009-1670.html
RHSA-2009:1671
http://www.redhat.com/support/errata/RHSA-2009-1671.html
RHSA-2010:0882
http://www.redhat.com/support/errata/RHSA-2010-0882.html
SUSE-SA:2009:061
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
SUSE-SA:2009:064
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
SUSE-SA:2010:012
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
SUSE-SA:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
USN-864-1
http://www.ubuntu.com/usn/usn-864-1
[linux-kernel] 20090921 [git pull] drm tree.
http://article.gmane.org/gmane.linux.kernel/892259
[oss-security] 20091019 CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised
http://www.openwall.com/lists/oss-security/2009/10/19/1
[oss-security] 20091019 Re: CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised
http://www.openwall.com/lists/oss-security/2009/10/19/3
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log
https://bugzilla.redhat.com/show_bug.cgi?id=529597
oval:org.mitre.oval:def:6763
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763
oval:org.mitre.oval:def:9891
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891
Common Vulnerability Exposure (CVE) ID: CVE-2010-1088
BugTraq ID: 39044
http://www.securityfocus.com/bid/39044
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Debian Security Information: DSA-2053 (Google Search)
http://www.debian.org/security/2010/dsa-2053
http://www.openwall.com/lists/oss-security/2010/02/24/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10093
http://secunia.com/advisories/39742
http://secunia.com/advisories/39830
http://secunia.com/advisories/43315
SuSE Security Announcement: SUSE-SA:2010:019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
SuSE Security Announcement: SUSE-SA:2010:023 (Google Search)
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-0622
Debian Security Information: DSA-2005 (Google Search)
http://www.debian.org/security/2010/dsa-2005
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html
http://www.openwall.com/lists/oss-security/2010/02/09/2
http://www.openwall.com/lists/oss-security/2010/02/11/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9655
http://www.redhat.com/support/errata/RHSA-2010-0161.html
http://secunia.com/advisories/38779
http://secunia.com/advisories/38905
http://secunia.com/advisories/38922
http://secunia.com/advisories/39033
SuSE Security Announcement: SUSE-SA:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
SuSE Security Announcement: SUSE-SA:2010:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
http://www.ubuntu.com/usn/USN-914-1
http://www.vupen.com/english/advisories/2010/0638
Common Vulnerability Exposure (CVE) ID: CVE-2010-0410
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
38058
http://www.securityfocus.com/bid/38058
38492
http://secunia.com/advisories/38492
38557
http://secunia.com/advisories/38557
38779
38922
39033
39649
http://secunia.com/advisories/39649
39742
43315
ADV-2010-0638
DSA-1996
http://www.debian.org/security/2010/dsa-1996
DSA-2005
FEDORA-2010-1787
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
FEDORA-2010-1804
RHSA-2010:0161
RHSA-2010:0398
http://www.redhat.com/support/errata/RHSA-2010-0398.html
SUSE-SA:2010:014
SUSE-SA:2010:018
SUSE-SA:2010:019
SUSE-SA:2010:023
USN-914-1
[oss-security] 20100203 CVE request: kernel OOM/crash in drivers/connector
http://www.openwall.com/lists/oss-security/2010/02/03/1
[oss-security] 20100203 Re: CVE request: kernel OOM/crash in drivers/connector
http://www.openwall.com/lists/oss-security/2010/02/03/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f98bfbd78c37c5946cc53089da32a5f741efdeb7
http://support.avaya.com/css/P8/documents/100088287
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=561682
oval:org.mitre.oval:def:10903
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10903
Common Vulnerability Exposure (CVE) ID: CVE-2010-0623
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.