English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 75096 CVE Beschreibungen
und 39644 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.69127
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-1071-1 (linux-source-2.6.15)
Zusammenfassung:Ubuntu USN-1071-1 (linux-source-2.6.15)
Beschreibung:The remote host is missing an update to linux-source-2.6.15
announced via advisory USN-1071-1.

Details follow:

Tavis Ormandy discovered that the Linux kernel did not properly implement
exception fixup. A local attacker could exploit this to crash the kernel,
leading to a denial of service. (CVE-2010-3086)

Dan Rosenberg discovered that the Linux kernel TIPC implementation
contained multiple integer signedness errors. A local attacker could
exploit this to gain root privileges. (CVE-2010-3859)

Dan Rosenberg discovered that the Linux kernel X.25 implementation
incorrectly parsed facilities. A remote attacker could exploit this to
crash the kernel, leading to a denial of service. (CVE-2010-3873)

Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did
not correctly clear kernel memory. A local attacker could exploit this to
read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)

Vasiliy Kulikov discovered that the Linux kernel sockets implementation
did not properly initialize certain structures. A local attacker could
exploit this to read kernel stack memory, leading to a loss of privacy.
(CVE-2010-3876)

Nelson Elhage discovered that the Linux kernel IPv4 implementation did not
properly audit certain bytecodes in netlink messages. A local attacker
could exploit this to cause the kernel to hang, leading to a denial of
service. (CVE-2010-3880)

Dan Rosenberg discovered that the SiS video driver did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4078)

Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver
did not correctly clear kernel memory. A local attacker could exploit this
to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,
CVE-2010-4081)

Dan Rosenberg discovered that the semctl syscall did not correctly clear
kernel memory. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4083)

James Bottomley discovered that the ICP vortex storage array controller
driver did not validate certain sizes. A local attacker on a 64bit system
could exploit this to crash the kernel, leading to a denial of service.
(CVE-2010-4157)

Dan Rosenberg discovered that the Linux kernel L2TP implementation
contained multiple integer signedness errors. A local attacker could
exploit this to to crash the kernel, or possibly gain root privileges.
(CVE-2010-4160)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
linux-image-2.6.15-55-386 2.6.15-55.93
linux-image-2.6.15-55-686 2.6.15-55.93
linux-image-2.6.15-55-amd64-generic 2.6.15-55.93
linux-image-2.6.15-55-amd64-k8 2.6.15-55.93
linux-image-2.6.15-55-amd64-server 2.6.15-55.93
linux-image-2.6.15-55-amd64-xeon 2.6.15-55.93
linux-image-2.6.15-55-hppa32 2.6.15-55.93
linux-image-2.6.15-55-hppa32-smp 2.6.15-55.93
linux-image-2.6.15-55-hppa64 2.6.15-55.93
linux-image-2.6.15-55-hppa64-smp 2.6.15-55.93
linux-image-2.6.15-55-itanium 2.6.15-55.93
linux-image-2.6.15-55-itanium-smp 2.6.15-55.93
linux-image-2.6.15-55-k7 2.6.15-55.93
linux-image-2.6.15-55-mckinley 2.6.15-55.93
linux-image-2.6.15-55-mckinley-smp 2.6.15-55.93
linux-image-2.6.15-55-powerpc 2.6.15-55.93
linux-image-2.6.15-55-powerpc-smp 2.6.15-55.93
linux-image-2.6.15-55-powerpc64-smp 2.6.15-55.93
linux-image-2.6.15-55-server 2.6.15-55.93
linux-image-2.6.15-55-server-bigiron 2.6.15-55.93
linux-image-2.6.15-55-sparc64 2.6.15-55.93
linux-image-2.6.15-55-sparc64-smp 2.6.15-55.93

After a standard system update you need to reboot your computer to make
all the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-1071-1

Risk factor : High
Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-3086
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/archive/1/520102/100/0/threaded
http://marc.info/?l=oss-security&m=128935856605589&w=2
http://www.redhat.com/support/errata/RHSA-2010-0839.html
SuSE Security Announcement: SUSE-SA:2010:060 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
http://securitytracker.com/id?1024709
http://secunia.com/advisories/46397
Common Vulnerability Exposure (CVE) ID: CVE-2010-3859
http://marc.info/?l=linux-netdev&m=128770476511716&w=2
http://www.spinics.net/lists/netdev/msg145248.html
http://www.spinics.net/lists/netdev/msg145247.html
http://www.spinics.net/lists/netdev/msg145263.html
http://www.spinics.net/lists/netdev/msg145265.html
http://www.spinics.net/lists/netdev/msg145262.html
http://www.spinics.net/lists/netdev/msg145264.html
http://www.spinics.net/lists/netdev/msg145352.html
http://www.openwall.com/lists/oss-security/2010/10/22/2
http://www.openwall.com/lists/oss-security/2010/10/22/5
Debian Security Information: DSA-2126 (Google Search)
http://www.debian.org/security/2010/dsa-2126
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.redhat.com/support/errata/RHSA-2011-0162.html
BugTraq ID: 44354
http://www.securityfocus.com/bid/44354
http://secunia.com/advisories/42789
http://secunia.com/advisories/42963
http://www.vupen.com/english/advisories/2011/0024
http://www.vupen.com/english/advisories/2011/0168
Common Vulnerability Exposure (CVE) ID: CVE-2010-3873
http://www.spinics.net/lists/netdev/msg145786.html
http://www.spinics.net/lists/netdev/msg145873.html
http://openwall.com/lists/oss-security/2010/11/03/2
http://openwall.com/lists/oss-security/2010/11/04/3
SuSE Security Announcement: SUSE-SA:2011:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
SuSE Security Announcement: openSUSE-SU-2013:0925 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
http://secunia.com/advisories/43291
http://www.vupen.com/english/advisories/2011/0375
Common Vulnerability Exposure (CVE) ID: CVE-2010-3875
http://marc.info/?l=linux-netdev&m=128854507120898&w=2
http://openwall.com/lists/oss-security/2010/11/02/7
http://openwall.com/lists/oss-security/2010/11/04/5
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
BugTraq ID: 44630
http://www.securityfocus.com/bid/44630
Common Vulnerability Exposure (CVE) ID: CVE-2010-3876
http://marc.info/?l=linux-netdev&m=128854507220908&w=2
http://openwall.com/lists/oss-security/2010/11/02/12
http://openwall.com/lists/oss-security/2010/11/02/10
http://openwall.com/lists/oss-security/2010/11/02/9
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://secunia.com/advisories/42890
Common Vulnerability Exposure (CVE) ID: CVE-2010-3880
http://www.spinics.net/lists/netdev/msg145899.html
http://openwall.com/lists/oss-security/2010/11/04/9
http://openwall.com/lists/oss-security/2010/11/05/3
BugTraq ID: 44665
http://www.securityfocus.com/bid/44665
http://secunia.com/advisories/42126
Common Vulnerability Exposure (CVE) ID: CVE-2010-4078
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/06/6
http://www.openwall.com/lists/oss-security/2010/10/25/3
SuSE Security Announcement: SUSE-SA:2011:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
SuSE Security Announcement: SUSE-SA:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
SuSE Security Announcement: SUSE-SA:2011:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
BugTraq ID: 43810
http://www.securityfocus.com/bid/43810
http://secunia.com/advisories/42778
http://secunia.com/advisories/42801
http://www.vupen.com/english/advisories/2011/0012
http://www.vupen.com/english/advisories/2011/0298
Common Vulnerability Exposure (CVE) ID: CVE-2010-4080
http://lkml.org/lkml/2010/9/25/41
http://www.redhat.com/support/errata/RHSA-2011-0017.html
BugTraq ID: 45058
http://www.securityfocus.com/bid/45058
BugTraq ID: 45063
http://www.securityfocus.com/bid/45063
http://secunia.com/advisories/42884
Common Vulnerability Exposure (CVE) ID: CVE-2010-4081
Common Vulnerability Exposure (CVE) ID: CVE-2010-4083
http://www.spinics.net/lists/mm-commits/msg80234.html
SuSE Security Announcement: SUSE-SA:2011:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
BugTraq ID: 43809
http://www.securityfocus.com/bid/43809
http://secunia.com/advisories/42932
http://www.vupen.com/english/advisories/2011/0124
Common Vulnerability Exposure (CVE) ID: CVE-2010-4157
http://ns3.spinics.net/lists/linux-scsi/msg47361.html
http://openwall.com/lists/oss-security/2010/11/09/1
http://openwall.com/lists/oss-security/2010/11/09/3
http://openwall.com/lists/oss-security/2010/11/09/4
http://openwall.com/lists/oss-security/2010/11/09/5
http://openwall.com/lists/oss-security/2010/11/10/12
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
BugTraq ID: 44648
http://www.securityfocus.com/bid/44648
http://secunia.com/advisories/42745
http://www.vupen.com/english/advisories/2010/3321
Common Vulnerability Exposure (CVE) ID: CVE-2010-4160
http://www.spinics.net/lists/netdev/msg145673.html
http://openwall.com/lists/oss-security/2010/11/10/5
http://openwall.com/lists/oss-security/2010/11/10/16
http://openwall.com/lists/oss-security/2010/11/24/4
http://openwall.com/lists/oss-security/2010/11/24/5
http://openwall.com/lists/oss-security/2010/11/24/6
http://openwall.com/lists/oss-security/2010/11/24/12
http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/
SuSE Security Announcement: SUSE-SA:2011:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
BugTraq ID: 44762
http://www.securityfocus.com/bid/44762
http://secunia.com/advisories/43056
http://www.vupen.com/english/advisories/2011/0213
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 39644 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde | Whois

© 1998-2014 E-Soft Inc. Alle Rechte vorbehalten.