
Test ID: 1.3.6.1.4.1.25623.1.0.840758
Category: Ubuntu Local Security Checks
Title: Ubuntu Update for linux-ti-omap4 USN-1220-1
Summary: Ubuntu Update for Linux kernel vulnerabilities USN-1220-1
Description:
Summary:
Ubuntu Update for Linux kernel vulnerabilities USN-1220-1

Vulnerability Insight:
Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
packets. On some systems, a remote attacker could send specially crafted
traffic to crash the system, leading to a denial of service.
(CVE-2011-1576)

Timo Warns discovered that the EFI GUID partition table was not correctly
parsed. A physically local attacker that could insert mountable devices
could exploit this to crash the system or possibly gain root privileges.
(CVE-2011-1776)

Dan Rosenberg discovered that the IPv4 diagnostic routines did not
correctly validate certain requests. A local attacker could exploit this to
consume CPU resources, leading to a denial of service. (CVE-2011-2213)

Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
certain L2CAP requests. If a system was using Bluetooth, a remote attacker
could send specially crafted traffic to crash the system or gain root
privileges. (CVE-2011-2497)

Mauro Carvalho Chehab discovered that the si4713 radio driver did not
correctly check the length of memory copies. If this hardware was
available, a local attacker could exploit this to crash the system or gain
root privileges. (CVE-2011-2700)

Herbert Xu discovered that certain fields were incorrectly handled when
Generic Receive Offload (CVE-2011-2723)

Timo Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
(CVE-2011-2928)

Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets. (CVE-2011-3188)

Darren Lavender discovered that the CIFS client incorrectly handled certain
large values. A remote attacker with a malicious server could exploit this
to crash the system or possibly execute arbitrary code as the root user.
(CVE-2011-3191)

Affected Software/OS:
linux-ti-omap4 on Ubuntu 10.10

Solution:
Please install the updated packages.

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Cross-references:
Common Vulnerability Exposure (CVE) ID: CVE-2011-1576
BugTraq ID: 48907
http://www.securityfocus.com/bid/48907
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://www.redhat.com/support/errata/RHSA-2011-1090.html
http://www.redhat.com/support/errata/RHSA-2011-1106.html
http://www.securitytracker.com/id?1025853
Common Vulnerability Exposure (CVE) ID: CVE-2011-1776
BugTraq ID: 47796
http://www.securityfocus.com/bid/47796
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt
http://openwall.com/lists/oss-security/2011/05/10/4
http://securityreason.com/securityalert/8369
Common Vulnerability Exposure (CVE) ID: CVE-2011-2213
HP Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://article.gmane.org/gmane.linux.network/197208
http://article.gmane.org/gmane.linux.network/197206
http://article.gmane.org/gmane.linux.network/197386
http://article.gmane.org/gmane.linux.network/198809
http://www.openwall.com/lists/oss-security/2011/06/20/1
http://www.openwall.com/lists/oss-security/2011/06/20/13
http://www.openwall.com/lists/oss-security/2011/06/20/16
Common Vulnerability Exposure (CVE) ID: CVE-2011-2497
BugTraq ID: 48472
http://www.securityfocus.com/bid/48472
http://marc.info/?l=linux-kernel&m=130891911909436&w=2
http://www.openwall.com/lists/oss-security/2011/06/24/9
http://www.openwall.com/lists/oss-security/2011/06/27/3
http://www.osvdb.org/74679
http://securityreason.com/securityalert/8359
Common Vulnerability Exposure (CVE) ID: CVE-2011-2700
BugTraq ID: 48804
http://www.securityfocus.com/bid/48804
http://xorl.wordpress.com/2011/07/24/cve-2011-2700-linux-kernel-si4713-i2c-buffer-overflow/
http://openwall.com/lists/oss-security/2011/07/20/4
http://openwall.com/lists/oss-security/2011/07/20/6
Common Vulnerability Exposure (CVE) ID: CVE-2011-2723
BugTraq ID: 48929
http://www.securityfocus.com/bid/48929
http://openwall.com/lists/oss-security/2011/07/28/13
http://openwall.com/lists/oss-security/2011/07/29/1
http://www.redhat.com/support/errata/RHSA-2011-1321.html
http://securitytracker.com/id?1025876
Common Vulnerability Exposure (CVE) ID: CVE-2011-2928
BugTraq ID: 49256
http://www.securityfocus.com/bid/49256
Bugtraq: 20110819 [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS
http://www.securityfocus.com/archive/1/519387/100/0/threaded
http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt
http://www.openwall.com/lists/oss-security/2011/08/19/1
http://www.openwall.com/lists/oss-security/2011/08/19/5
http://securityreason.com/securityalert/8360
XForce ISS Database: linux-kernel-be-dos(69343)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69343
Common Vulnerability Exposure (CVE) ID: CVE-2011-3188
http://www.openwall.com/lists/oss-security/2011/08/23/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-3191
http://www.openwall.com/lists/oss-security/2011/08/24/2
Copyright: Copyright (C) 2011 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.