VMware Local Security Checks : VMware ESXi/ESX updates to third party libraries (VMSA-2012-0013)

English | Deutsch | Español

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.103558

Categoría: VMware Local Security Checks

Título: VMware ESXi/ESX updates to third party libraries (VMSA-2012-0013)

Resumen: The remote ESXi is missing one or more security related Updates from VMSA-2012-0013.

Descripción: Summary:
The remote ESXi is missing one or more security related Updates from VMSA-2012-0013.

Vulnerability Insight:
a. vCenter and ESX update to JRE 1.6.0 Update 31

The Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple
security issues. Oracle has documented the CVE identifiers that are addressed by
this update in the Oracle Java SE Critical Patch Update Advisory of February 2012.

b. vCenter Update Manager update to JRE 1.5.0 Update 36

The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues.
Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in
the Oracle Java SE Critical Patch Update Advisory for June 2012.

c. Update to ESX/ESXi userworld OpenSSL library

The ESX/ESXi userworld OpenSSL library is updated from version 0.9.8p to version
0.9.8t to resolve multiple security issues.

d. Update to ESX service console OpenSSL RPM

The service console OpenSSL RPM is updated to version 0.9.8e-22.el5_8.3 to
resolve a security issue.

e. Update to ESX service console kernel

The ESX service console kernel is updated to resolve multiple security issues.

f. Update to ESX service console Perl RPM

The ESX service console Perl RPM is updated to perl-5.8.8.32.1.8999.vmw to
resolve multiple security issues.

g. Update to ESX service console libxml2 RPM

The ESX service console libmxl2 RPMs are updated to
libxml2-2.6.26-2.1.15.el5_8.2 and libxml2-python-2.6.26-2.1.15.el5_8.2 to
resolve a security issue.

h. Update to ESX service console glibc RPM

The ESX service console glibc RPM is updated to version glibc-2.5-81.el5_8.1 to
resolve multiple security issues.

i. Update to ESX service console GnuTLS RPM

The ESX service console GnuTLS RPM is updated to version 1.4.1-7.el5_8.2 to
resolve multiple security issues.

j. Update to ESX service console popt, rpm, rpm-libs, and rpm-python RPMS

The ESX service console popt, rpm, rpm-libs, and rpm-python RPMS are updated to
the following versions to resolve multiple security issues:

k. Vulnerability in third party Apache Struts component

The version of Apache Struts in vCenter Operations has been updated to 2.3.4
which addresses an arbitrary file overwrite vulnerability. This vulnerability
allows an attacker to create a denial of service by overwriting arbitrary files
without authentication. The attacker would need to be on the same network as the
system where vCOps is installed.

Affected Software/OS:
VMware ESX without patches ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG

VMware ESXi without patch ESXi410-201208101-SG

Solution:
Apply the missing patch(es).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4180
1024822
http://www.securitytracker.com/id?1024822
42469
http://secunia.com/advisories/42469
42473
http://secunia.com/advisories/42473
42493
http://secunia.com/advisories/42493
42571
http://secunia.com/advisories/42571
42620
http://secunia.com/advisories/42620
42811
http://secunia.com/advisories/42811
42877
http://secunia.com/advisories/42877
43169
http://secunia.com/advisories/43169
43170
http://secunia.com/advisories/43170
43171
http://secunia.com/advisories/43171
43172
http://secunia.com/advisories/43172
43173
http://secunia.com/advisories/43173
44269
http://secunia.com/advisories/44269
45164
http://www.securityfocus.com/bid/45164
69565
http://osvdb.org/69565
ADV-2010-3120
http://www.vupen.com/english/advisories/2010/3120
ADV-2010-3122
http://www.vupen.com/english/advisories/2010/3122
ADV-2010-3134
http://www.vupen.com/english/advisories/2010/3134
ADV-2010-3188
http://www.vupen.com/english/advisories/2010/3188
ADV-2011-0032
http://www.vupen.com/english/advisories/2011/0032
ADV-2011-0076
http://www.vupen.com/english/advisories/2011/0076
ADV-2011-0268
http://www.vupen.com/english/advisories/2011/0268
APPLE-SA-2011-06-23-1
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
DSA-2141
http://www.debian.org/security/2011/dsa-2141
FEDORA-2010-18736
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html
FEDORA-2010-18765
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html
HPSBHF02706
http://marc.info/?l=bugtraq&m=132077688910227&w=2
HPSBMA02658
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
HPSBMU02759
http://www.securityfocus.com/archive/1/522176
HPSBOV02670
http://marc.info/?l=bugtraq&m=130497251507577&w=2
HPSBUX02638
http://marc.info/?l=bugtraq&m=129916880600544&w=2
MDVSA-2010:248
http://www.mandriva.com/security/advisories?name=MDVSA-2010:248
RHSA-2010:0977
http://www.redhat.com/support/errata/RHSA-2010-0977.html
RHSA-2010:0978
http://www.redhat.com/support/errata/RHSA-2010-0978.html
RHSA-2010:0979
http://www.redhat.com/support/errata/RHSA-2010-0979.html
RHSA-2011:0896
http://www.redhat.com/support/errata/RHSA-2011-0896.html
SSA:2010-340-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471
SSRT100339
SSRT100413
SSRT100475
SSRT100613
SSRT100817
SUSE-SR:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
SUSE-SR:2011:009
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
SUSE-SU-2011:0847
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
USN-1029-1
http://ubuntu.com/usn/usn-1029-1
VU#737740
http://www.kb.cert.org/vuls/id/737740
http://cvs.openssl.org/chngview?cn=20131
http://openssl.org/news/secadv_20101202.txt
http://support.apple.com/kb/HT4723
https://bugzilla.redhat.com/show_bug.cgi?id=659462
https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST
openSUSE-SU-2011:0845
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
oval:org.mitre.oval:def:18910
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910
Common Vulnerability Exposure (CVE) ID: CVE-2010-4252
1024823
http://securitytracker.com/id?1024823
45163
http://www.securityfocus.com/bid/45163
57353
http://secunia.com/advisories/57353
http://cvs.openssl.org/chngview?cn=20098
http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
https://bugzilla.redhat.com/show_bug.cgi?id=659297
https://github.com/seb-m/jpake
oval:org.mitre.oval:def:19039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19039
Common Vulnerability Exposure (CVE) ID: CVE-2011-0014
1025050
http://www.securitytracker.com/id?1025050
43227
http://secunia.com/advisories/43227
43286
http://secunia.com/advisories/43286
43301
http://secunia.com/advisories/43301
43339
http://secunia.com/advisories/43339
46264
http://www.securityfocus.com/bid/46264
70847
http://osvdb.org/70847
ADV-2011-0361
http://www.vupen.com/english/advisories/2011/0361
ADV-2011-0387
http://www.vupen.com/english/advisories/2011/0387
ADV-2011-0389
http://www.vupen.com/english/advisories/2011/0389
ADV-2011-0395
http://www.vupen.com/english/advisories/2011/0395
ADV-2011-0399
http://www.vupen.com/english/advisories/2011/0399
ADV-2011-0603
http://www.vupen.com/english/advisories/2011/0603
DSA-2162
http://www.debian.org/security/2011/dsa-2162
FEDORA-2011-1273
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html
HPSBUX02689
http://marc.info/?l=bugtraq&m=131042179515633&w=2
MDVSA-2011:028
http://www.mandriva.com/security/advisories?name=MDVSA-2011:028
NetBSD-SA2011-002
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc
RHSA-2011:0677
http://www.redhat.com/support/errata/RHSA-2011-0677.html
SSA:2011-041-04
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823
SSRT100494
SUSE-SR:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
USN-1064-1
http://www.ubuntu.com/usn/USN-1064-1
http://www.openssl.org/news/secadv_20110208.txt
https://support.f5.com/csp/article/K10534046
oval:org.mitre.oval:def:18985
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985
Common Vulnerability Exposure (CVE) ID: CVE-2011-4108
48528
http://secunia.com/advisories/48528
57260
http://secunia.com/advisories/57260
APPLE-SA-2013-06-04-1
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
DSA-2390
http://www.debian.org/security/2012/dsa-2390
FEDORA-2012-18035
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
HPSBMU02776
http://marc.info/?l=bugtraq&m=133951357207000&w=2
HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HPSBOV02793
http://marc.info/?l=bugtraq&m=134039053214295&w=2
HPSBUX02734
http://marc.info/?l=bugtraq&m=132750648501816&w=2
MDVSA-2012:006
http://www.mandriva.com/security/advisories?name=MDVSA-2012:006
MDVSA-2012:007
http://www.mandriva.com/security/advisories?name=MDVSA-2012:007
RHSA-2012:1306
http://rhn.redhat.com/errata/RHSA-2012-1306.html
RHSA-2012:1307
http://rhn.redhat.com/errata/RHSA-2012-1307.html
RHSA-2012:1308
http://rhn.redhat.com/errata/RHSA-2012-1308.html
SSRT100729
SSRT100852
SSRT100877
SSRT100891
SUSE-SU-2012:0084
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html
SUSE-SU-2014:0320
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc
http://support.apple.com/kb/HT5784
http://www.isg.rhul.ac.uk/~kp/dtls.pdf
http://www.openssl.org/news/secadv_20120104.txt
https://security.paloaltonetworks.com/CVE-2011-4108
openSUSE-SU-2012:0083
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-4109
openssl-policy-checks-dos(72129)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72129
Common Vulnerability Exposure (CVE) ID: CVE-2011-4576
55069
http://secunia.com/advisories/55069
Common Vulnerability Exposure (CVE) ID: CVE-2011-4577
Common Vulnerability Exposure (CVE) ID: CVE-2011-4619
HPSBUX02782
http://marc.info/?l=bugtraq&m=133728068926468&w=2
SSRT100844
Common Vulnerability Exposure (CVE) ID: CVE-2012-0050
1026548
http://www.securitytracker.com/id?1026548
47631
http://secunia.com/advisories/47631
47677
http://secunia.com/advisories/47677
47755
http://secunia.com/advisories/47755
51563
http://www.securityfocus.com/bid/51563
78320
http://osvdb.org/78320
DSA-2392
http://www.debian.org/security/2012/dsa-2392
HPSBUX02737
http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03169289
MDVSA-2012:011
http://www.mandriva.com/security/advisories?name=MDVSA-2012:011
SSRT100747
http://www.openssl.org/news/secadv_20120118.txt
Common Vulnerability Exposure (CVE) ID: CVE-2012-2110
BugTraq ID: 53158
http://www.securityfocus.com/bid/53158
Debian Security Information: DSA-2454 (Google Search)
http://www.debian.org/security/2012/dsa-2454
http://www.exploit-db.com/exploits/18756
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
HPdes Security Advisory: HPSBMU02776
HPdes Security Advisory: HPSBMU02900
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
HPdes Security Advisory: HPSBOV02793
HPdes Security Advisory: HPSBUX02782
HPdes Security Advisory: SSRT100844
HPdes Security Advisory: SSRT100852
HPdes Security Advisory: SSRT100891
HPdes Security Advisory: SSRT101210
http://www.mandriva.com/security/advisories?name=MDVSA-2012:060
http://osvdb.org/81223
RedHat Security Advisories: RHSA-2012:0518
http://rhn.redhat.com/errata/RHSA-2012-0518.html
RedHat Security Advisories: RHSA-2012:0522
http://rhn.redhat.com/errata/RHSA-2012-0522.html
RedHat Security Advisories: RHSA-2012:1306
RedHat Security Advisories: RHSA-2012:1307
RedHat Security Advisories: RHSA-2012:1308
http://www.securitytracker.com/id?1026957
http://secunia.com/advisories/48847
http://secunia.com/advisories/48895
http://secunia.com/advisories/48899
http://secunia.com/advisories/48942
http://secunia.com/advisories/48999
SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
http://www.ubuntu.com/usn/USN-1424-1
Common Vulnerability Exposure (CVE) ID: CVE-2011-1833
SuSE Security Announcement: SUSE-SU-2011:0898 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2484
48383
http://www.securityfocus.com/bid/48383
[linux-kernel] 20110616 [PATCH] taskstats: don't allow duplicate entries in listener mode
http://lists.openwall.net/linux-kernel/2011/06/16/605
[oss-security] 20110622 CVE request: kernel: taskstats local DoS
http://openwall.com/lists/oss-security/2011/06/22/1
[oss-security] 20110622 Re: CVE request: kernel: taskstats local DoS
http://openwall.com/lists/oss-security/2011/06/22/2
https://bugzilla.redhat.com/show_bug.cgi?id=715436
kernel-taskstats-dos(68150)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68150
Common Vulnerability Exposure (CVE) ID: CVE-2011-2496
[oss-security] 20110627 Re: CVE request: kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
http://www.openwall.com/lists/oss-security/2011/06/27/2
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982134ba62618c2d69fbbbd166d0a11ee3b7e3d8
https://bugzilla.redhat.com/show_bug.cgi?id=716538
https://github.com/torvalds/linux/commit/982134ba62618c2d69fbbbd166d0a11ee3b7e3d8
Common Vulnerability Exposure (CVE) ID: CVE-2011-3188
HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
[oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated
http://www.openwall.com/lists/oss-security/2011/08/23/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
https://bugzilla.redhat.com/show_bug.cgi?id=732658
https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec
https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f
https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
Common Vulnerability Exposure (CVE) ID: CVE-2011-3209
[oss-security] 20111024 kernel; CVE-2011-2942 and CVE-2011-3209
http://www.openwall.com/lists/oss-security/2011/10/24/3
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d
https://bugzilla.redhat.com/show_bug.cgi?id=732878
https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d
Common Vulnerability Exposure (CVE) ID: CVE-2011-3363
[oss-security] 20110914 Re: CVE request -- kernel: cifs: always do is_path_accessible check in cifs_mount
http://www.openwall.com/lists/oss-security/2011/09/14/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70945643722ffeac779d2529a348f99567fa5c33
https://bugzilla.redhat.com/show_bug.cgi?id=738291
https://github.com/torvalds/linux/commit/70945643722ffeac779d2529a348f99567fa5c33
Common Vulnerability Exposure (CVE) ID: CVE-2011-4110
47754
http://secunia.com/advisories/47754
50755
http://www.securityfocus.com/bid/50755
USN-1324-1
http://www.ubuntu.com/usn/USN-1324-1
USN-1328-1
http://www.ubuntu.com/usn/USN-1328-1
USN-1344-1
http://www.ubuntu.com/usn/USN-1344-1
[linux-kernel] 20111115 [PATCH] KEYS: Fix a NULL pointer deref in the user-defined key type
https://lkml.org/lkml/2011/11/15/363
[oss-security] 20111121 CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
http://www.openwall.com/lists/oss-security/2011/11/21/19
[oss-security] 20111121 Re: CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
http://www.openwall.com/lists/oss-security/2011/11/22/6
[oss-security] 20111122 Re: CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
http://www.openwall.com/lists/oss-security/2011/11/22/5
https://bugzilla.redhat.com/show_bug.cgi?id=751297
Common Vulnerability Exposure (CVE) ID: CVE-2011-1020
20110122 Proc filesystem and SUID-Binaries
http://seclists.org/fulldisclosure/2011/Jan/421
43496
http://secunia.com/advisories/43496
46567
http://www.securityfocus.com/bid/46567
8107
http://securityreason.com/securityalert/8107
[linux-kernel] 20110207 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/414
https://lkml.org/lkml/2011/2/7/474
[linux-kernel] 20110207 [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/368
[linux-kernel] 20110208 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/404
https://lkml.org/lkml/2011/2/7/466
[linux-kernel] 20110209 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/10/21
https://lkml.org/lkml/2011/2/9/417
[oss-security] 20110224 CVE request: kernel: /proc/$pid/ leaks contents across setuid exec
http://openwall.com/lists/oss-security/2011/02/24/18
[oss-security] 20110225 Re: CVE request: kernel: /proc/$pid/ leaks contents across setuid exec
http://openwall.com/lists/oss-security/2011/02/25/2
http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/
kernel-procpid-security-bypass(65693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65693
Common Vulnerability Exposure (CVE) ID: CVE-2011-4132
1026325
http://securitytracker.com/id?1026325
48898
http://secunia.com/advisories/48898
50663
http://www.securityfocus.com/bid/50663
SUSE-SU-2012:0554
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[oss-security] 20111111 CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops
http://www.openwall.com/lists/oss-security/2011/11/11/6
[oss-security] 20111113 Re: CVE Request -- kernel: jbd/jbd2: invalid value of first log block leads to oops
http://www.openwall.com/lists/oss-security/2011/11/13/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe
http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/
https://bugzilla.redhat.com/show_bug.cgi?id=753341
Common Vulnerability Exposure (CVE) ID: CVE-2011-4324
[oss-security] 20120206 Re: CVE-2011-4324 kernel: nfsv4: mknod(2) DoS
http://www.openwall.com/lists/oss-security/2012/02/06/3
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc0b027dfadfcb8a5504f7d8052754bf8d501ab9
https://bugzilla.redhat.com/show_bug.cgi?id=755440
https://github.com/torvalds/linux/commit/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9
Common Vulnerability Exposure (CVE) ID: CVE-2011-4325
51366
http://www.securityfocus.com/bid/51366
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=1ae88b2e4
https://bugzilla.redhat.com/show_bug.cgi?id=755455
linux-kernel-nfs-dos(72297)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72297
Common Vulnerability Exposure (CVE) ID: CVE-2012-0207
http://www.openwall.com/lists/oss-security/2012/01/10/5
Common Vulnerability Exposure (CVE) ID: CVE-2011-2699
1027274
http://www.securitytracker.com/id?1027274
MDVSA-2013:150
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
[oss-security] 20110720 Re: CVE request: kernel: ipv6: make fragment identifications less predictable
http://www.openwall.com/lists/oss-security/2011/07/20/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=87c48fa3b4630905f98268dde838ee43626a060c
https://bugzilla.redhat.com/show_bug.cgi?id=723429
https://github.com/torvalds/linux/commit/87c48fa3b4630905f98268dde838ee43626a060c
Common Vulnerability Exposure (CVE) ID: CVE-2012-1583
1026930
http://www.securitytracker.com/id?1026930
48881
http://secunia.com/advisories/48881
53139
http://www.securityfocus.com/bid/53139
RHSA-2012:0488
http://rhn.redhat.com/errata/RHSA-2012-0488.html
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d0772b70faaf8e9f2013b6c4273d94d5eac8047a
https://bugzilla.redhat.com/show_bug.cgi?id=752304
https://github.com/torvalds/linux/commit/d0772b70faaf8e9f2013b6c4273d94d5eac8047a
Common Vulnerability Exposure (CVE) ID: CVE-2010-2761
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:237
http://www.mandriva.com/security/advisories?name=MDVSA-2010:250
https://bugzilla.mozilla.org/show_bug.cgi?id=600464
http://openwall.com/lists/oss-security/2010/12/01/1
http://openwall.com/lists/oss-security/2010/12/01/2
http://openwall.com/lists/oss-security/2010/12/01/3
http://osvdb.org/69588
http://osvdb.org/69589
http://www.redhat.com/support/errata/RHSA-2011-1797.html
http://secunia.com/advisories/43033
http://secunia.com/advisories/43068
http://secunia.com/advisories/43147
http://secunia.com/advisories/43165
SuSE Security Announcement: SUSE-SR:2011:001 (Google Search)
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
SuSE Security Announcement: SUSE-SR:2011:005 (Google Search)
http://www.vupen.com/english/advisories/2011/0207
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0249
http://www.vupen.com/english/advisories/2011/0271
Common Vulnerability Exposure (CVE) ID: CVE-2010-4410
BugTraq ID: 44199
http://www.securityfocus.com/bid/44199
BugTraq ID: 45145
http://www.securityfocus.com/bid/45145
http://www.mandriva.com/security/advisories?name=MDVSA-2010:252
http://www.vupen.com/english/advisories/2010/3230
Common Vulnerability Exposure (CVE) ID: CVE-2011-3597
46279
http://secunia.com/advisories/46279
49911
http://www.securityfocus.com/bid/49911
51457
http://secunia.com/advisories/51457
MDVSA-2012:008
http://www.mandriva.com/security/advisories?name=MDVSA-2012:008
MDVSA-2012:009
http://www.mandriva.com/security/advisories?name=MDVSA-2012:009
RHSA-2011:1424
http://www.redhat.com/support/errata/RHSA-2011-1424.html
RHSA-2011:1797
USN-1643-1
http://www.ubuntu.com/usn/USN-1643-1
http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc
http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
https://bugzilla.redhat.com/show_bug.cgi?id=743010
oval:org.mitre.oval:def:19446
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19446
Common Vulnerability Exposure (CVE) ID: CVE-2012-0841
1026723
http://securitytracker.com/id?1026723
52107
http://www.securityfocus.com/bid/52107
54886
http://secunia.com/advisories/54886
55568
http://secunia.com/advisories/55568
APPLE-SA-2013-09-18-2
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
APPLE-SA-2013-10-22-8
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
DSA-2417
http://www.debian.org/security/2012/dsa-2417
RHSA-2012:0324
http://rhn.redhat.com/errata/RHSA-2012-0324.html
RHSA-2013:0217
http://rhn.redhat.com/errata/RHSA-2013-0217.html
SUSE-SU-2013:1627
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
[oss-security] 20120222 libxml2: hash table collisions CPU usage DoS
http://www.openwall.com/lists/oss-security/2012/02/22/1
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846
http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a
http://support.apple.com/kb/HT5934
http://support.apple.com/kb/HT6001
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
http://xmlsoft.org/news.html
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of
Common Vulnerability Exposure (CVE) ID: CVE-2009-5029
20111203 VSFTPD Remote Heap Overrun (low severity)
http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html
[libc-alpha] 20111215 integer overflow to heap overrun exploit in glibc
http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html
http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/
http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2
https://bugzilla.redhat.com/show_bug.cgi?id=761245
Common Vulnerability Exposure (CVE) ID: CVE-2009-5064
http://reverse.lostrealm.com/protect/ldd.html
http://www.catonmat.net/blog/ldd-arbitrary-code-execution/
https://bugzilla.redhat.com/show_bug.cgi?id=531160
https://bugzilla.redhat.com/show_bug.cgi?id=682998
http://openwall.com/lists/oss-security/2011/03/07/10
http://openwall.com/lists/oss-security/2011/03/07/7
http://openwall.com/lists/oss-security/2011/03/08/2
http://openwall.com/lists/oss-security/2011/03/07/13
http://openwall.com/lists/oss-security/2011/03/08/1
http://openwall.com/lists/oss-security/2011/03/08/10
http://openwall.com/lists/oss-security/2011/03/08/3
http://openwall.com/lists/oss-security/2011/03/08/7
http://www.redhat.com/support/errata/RHSA-2011-1526.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-0830
BugTraq ID: 40063
http://www.securityfocus.com/bid/40063
Debian Security Information: DSA-2058 (Google Search)
http://www.debian.org/security/2010/dsa-2058
http://security.gentoo.org/glsa/glsa-201011-01.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:111
http://www.mandriva.com/security/advisories?name=MDVSA-2010:112
http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html
http://securitytracker.com/id?1024044
http://secunia.com/advisories/39900
SuSE Security Announcement: SUSE-SA:2010:052 (Google Search)
https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html
http://www.ubuntu.com/usn/USN-944-1
http://www.vupen.com/english/advisories/2010/1246
XForce ISS Database: glibc-elf-code-execution(58915)
https://exchange.xforce.ibmcloud.com/vulnerabilities/58915
Common Vulnerability Exposure (CVE) ID: CVE-2011-1089
46740
http://www.securityfocus.com/bid/46740
MDVSA-2011:178
http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
MDVSA-2011:179
http://www.mandriva.com/security/advisories?name=MDVSA-2011:179
RHSA-2011:1526
[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/04/11
[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/04/9
[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/04/10
http://openwall.com/lists/oss-security/2011/03/04/12
[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/05/3
http://openwall.com/lists/oss-security/2011/03/05/7
[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/07/9
[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/14/16
http://openwall.com/lists/oss-security/2011/03/14/5
http://openwall.com/lists/oss-security/2011/03/14/7
[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/15/6
[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/22/4
http://openwall.com/lists/oss-security/2011/03/22/6
[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/03/31/3
http://openwall.com/lists/oss-security/2011/03/31/4
[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE
http://openwall.com/lists/oss-security/2011/04/01/2
http://sourceware.org/bugzilla/show_bug.cgi?id=12625
https://bugzilla.redhat.com/show_bug.cgi?id=688980
Common Vulnerability Exposure (CVE) ID: CVE-2011-4609
https://bugzilla.redhat.com/show_bug.cgi?id=767299
Common Vulnerability Exposure (CVE) ID: CVE-2012-0864
52201
http://www.securityfocus.com/bid/52201
RHSA-2012:0393
http://rhn.redhat.com/errata/RHSA-2012-0393.html
RHSA-2012:0397
http://rhn.redhat.com/errata/RHSA-2012-0397.html
RHSA-2012:0531
http://rhn.redhat.com/errata/RHSA-2012-0531.html
[libc-alpha] 20120202 [PATCH] vfprintf: validate nargs and positional offsets
http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html
http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e
http://www.phrack.org/issues.html?issue=67&id=9#article
https://bugzilla.redhat.com/show_bug.cgi?id=794766
Common Vulnerability Exposure (CVE) ID: CVE-2011-4128
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:045
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5596
http://openwall.com/lists/oss-security/2011/11/09/2
http://openwall.com/lists/oss-security/2011/11/09/4
RedHat Security Advisories: RHSA-2012:0429
http://rhn.redhat.com/errata/RHSA-2012-0429.html
RedHat Security Advisories: RHSA-2012:0488
RedHat Security Advisories: RHSA-2012:0531
http://secunia.com/advisories/48596
http://secunia.com/advisories/48712
http://www.ubuntu.com/usn/USN-1418-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-1569
Bugtraq: 20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html
Debian Security Information: DSA-2440 (Google Search)
http://www.debian.org/security/2012/dsa-2440
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:039
http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932
http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53
http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54
http://www.openwall.com/lists/oss-security/2012/03/20/3
http://www.openwall.com/lists/oss-security/2012/03/20/8
http://www.openwall.com/lists/oss-security/2012/03/21/5
RedHat Security Advisories: RHSA-2012:0427
http://rhn.redhat.com/errata/RHSA-2012-0427.html
http://www.securitytracker.com/id?1026829
http://secunia.com/advisories/48397
http://secunia.com/advisories/48488
http://secunia.com/advisories/48505
http://secunia.com/advisories/48578
http://secunia.com/advisories/49002
http://secunia.com/advisories/50739
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
http://www.ubuntu.com/usn/USN-1436-1
Common Vulnerability Exposure (CVE) ID: CVE-2012-1573
BugTraq ID: 52667
http://www.securityfocus.com/bid/52667
Debian Security Information: DSA-2441 (Google Search)
http://www.debian.org/security/2012/dsa-2441
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:040
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912
http://www.openwall.com/lists/oss-security/2012/03/21/4
http://osvdb.org/80259
http://www.securitytracker.com/id?1026828
http://secunia.com/advisories/48511
Common Vulnerability Exposure (CVE) ID: CVE-2012-0060
BugTraq ID: 52865
http://www.securityfocus.com/bid/52865
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077960.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078819.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078907.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:056
https://bugzilla.redhat.com/show_bug.cgi?id=744858
http://www.osvdb.org/81010
RedHat Security Advisories: RHSA-2012:0451
http://rhn.redhat.com/errata/RHSA-2012-0451.html
http://www.securitytracker.com/id?1026882
http://secunia.com/advisories/48651
http://secunia.com/advisories/48716
http://secunia.com/advisories/49110
SuSE Security Announcement: openSUSE-SU-2012:0588 (Google Search)
https://hermes.opensuse.org/messages/14440932
SuSE Security Announcement: openSUSE-SU-2012:0589 (Google Search)
https://hermes.opensuse.org/messages/14441362
http://www.ubuntu.com/usn/USN-1695-1
XForce ISS Database: rpm-loadsigverify-code-execution(74582)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74582
Common Vulnerability Exposure (CVE) ID: CVE-2012-0061
https://bugzilla.redhat.com/show_bug.cgi?id=798585
XForce ISS Database: rpm-headerload-code-execution(74583)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74583
Common Vulnerability Exposure (CVE) ID: CVE-2012-0815
https://bugzilla.redhat.com/show_bug.cgi?id=744104
http://www.osvdb.org/81009
XForce ISS Database: rpm-headerverifyinfo-code-execution(74581)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74581
Common Vulnerability Exposure (CVE) ID: CVE-2012-0393
Bugtraq: 20120105 SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2 (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html
http://www.exploit-db.com/exploits/18329
https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt
http://secunia.com/advisories/47393
Common Vulnerability Exposure (CVE) ID: CVE-2012-0507
BugTraq ID: 52161
http://www.securityfocus.com/bid/52161
Debian Security Information: DSA-2420 (Google Search)
http://www.debian.org/security/2012/dsa-2420
HPdes Security Advisory: HPSBMU02797
http://marc.info/?l=bugtraq&m=134254957702612&w=2
HPdes Security Advisory: HPSBMU02799
http://marc.info/?l=bugtraq&m=134254866602253&w=2
HPdes Security Advisory: HPSBUX02757
http://marc.info/?l=bugtraq&m=133364885411663&w=2
HPdes Security Advisory: HPSBUX02760
http://marc.info/?l=bugtraq&m=133365109612558&w=2
HPdes Security Advisory: HPSBUX02784
http://marc.info/?l=bugtraq&m=133847939902305&w=2
HPdes Security Advisory: SSRT100779
HPdes Security Advisory: SSRT100805
HPdes Security Advisory: SSRT100867
HPdes Security Advisory: SSRT100871
http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
RedHat Security Advisories: RHSA-2012:0508
http://rhn.redhat.com/errata/RHSA-2012-0508.html
RedHat Security Advisories: RHSA-2012:0514
http://rhn.redhat.com/errata/RHSA-2012-0514.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/48589
http://secunia.com/advisories/48692
http://secunia.com/advisories/48915
http://secunia.com/advisories/48948
http://secunia.com/advisories/48950
SuSE Security Announcement: SUSE-SU-2012:0602 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
SuSE Security Announcement: SUSE-SU-2012:0603 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

© 1998-2025 E-Soft Inc. Todos los derechos reservados.