Red Hat Local Security Checks : RedHat Security Advisory RHSA-2003:147

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50974

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2003:147

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2003:147.

For complete details of the list of fixes, please visit
the referenced advisory. A script_summary( of the fixes is listed
below:

Data corruption under heavy complex I/O loads.
Flaw in hash table implementation in kernel networking code.
Flaw in ioperm system call

In addition, the following drivers have been updated to the versions indicated:

-aacraid: 0.9.9ac6-TEST
-qlogic qla2100, qla2200, qla2300: 6.04.01
-aic7xxx_mod: 6.2.30 and aic79xx: 1.3.4
-ips: v6.00.26
-cpqfc: 2.1.2
-fusion: 2.05.00
-e100: 2.2.21-k1
-e1000: 5.0.43-k1, and added netdump support
-natsemi: 1.07+LK1.0.17
-cciss: 2.4.45.
-cpqarray: 2.4.26

If the system is configured to use alternate drivers, we recommend applying
the kudzu errata RHEA-2003:132 prior to updating the kernel.

A number of edge conditions in the virtual memory system have been
identified and resolved. These included the elimination of memory
allocation failures occuring when the system had not depleted all of the
physical memory. This would typically lead to process creation and network
driver failures, and general performance degradation. Additional memory
reclamation improvements were introduced to further smooth out the natural
system performance degradation that occur under memory exhaustion conditions.

In addition, the latest summit patches have been included.

All users should upgrade to these errata packages, which address these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2003-147.html

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0244
BugTraq ID: 7601
http://www.securityfocus.com/bid/7601
Bugtraq: 20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01) (Google Search)
http://marc.info/?l=bugtraq&m=105595901923063&w=2
Debian Security Information: DSA-311 (Google Search)
http://www.debian.org/security/2003/dsa-311
Debian Security Information: DSA-312 (Google Search)
http://www.debian.org/security/2003/dsa-312
Debian Security Information: DSA-332 (Google Search)
http://www.debian.org/security/2003/dsa-332
Debian Security Information: DSA-336 (Google Search)
http://www.debian.org/security/2003/dsa-336
Debian Security Information: DSA-442 (Google Search)
http://www.debian.org/security/2004/dsa-442
En Garde Linux Advisory: ESA-20030515-017
http://marc.info/?l=bugtraq&m=105301461726555&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2003:066
http://www.mandriva.com/security/advisories?name=MDKSA-2003:074
http://marc.info/?l=linux-kernel&m=104956079213417
http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261
http://www.redhat.com/support/errata/RHSA-2003-145.html
http://www.redhat.com/support/errata/RHSA-2003-147.html
http://www.redhat.com/support/errata/RHSA-2003-172.html
http://www.secunia.com/advisories/8786/
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html
XForce ISS Database: data-algorithmic-complexity-dos(15382)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15382
Common Vulnerability Exposure (CVE) ID: CVE-2003-0246
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A278
TurboLinux Advisory: TLSA-2003-41
http://www.turbolinux.com/security/TLSA-2003-41.txt
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0076.html

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50974
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2003:147
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2003:147. For complete details of the list of fixes, please visit the referenced advisory. A script_summary( of the fixes is listed below: Data corruption under heavy complex I/O loads. Flaw in hash table implementation in kernel networking code. Flaw in ioperm system call In addition, the following drivers have been updated to the versions indicated: -aacraid: 0.9.9ac6-TEST -qlogic qla2100, qla2200, qla2300: 6.04.01 -aic7xxx_mod: 6.2.30 and aic79xx: 1.3.4 -ips: v6.00.26 -cpqfc: 2.1.2 -fusion: 2.05.00 -e100: 2.2.21-k1 -e1000: 5.0.43-k1, and added netdump support -natsemi: 1.07+LK1.0.17 -cciss: 2.4.45. -cpqarray: 2.4.26 If the system is configured to use alternate drivers, we recommend applying the kudzu errata RHEA-2003:132 prior to updating the kernel. A number of edge conditions in the virtual memory system have been identified and resolved. These included the elimination of memory allocation failures occuring when the system had not depleted all of the physical memory. This would typically lead to process creation and network driver failures, and general performance degradation. Additional memory reclamation improvements were introduced to further smooth out the natural system performance degradation that occur under memory exhaustion conditions. In addition, the latest summit patches have been included. All users should upgrade to these errata packages, which address these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-147.html Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0244 BugTraq ID: 7601 http://www.securityfocus.com/bid/7601 Bugtraq: 20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01) (Google Search) http://marc.info/?l=bugtraq&m=105595901923063&w=2 Debian Security Information: DSA-311 (Google Search) http://www.debian.org/security/2003/dsa-311 Debian Security Information: DSA-312 (Google Search) http://www.debian.org/security/2003/dsa-312 Debian Security Information: DSA-332 (Google Search) http://www.debian.org/security/2003/dsa-332 Debian Security Information: DSA-336 (Google Search) http://www.debian.org/security/2003/dsa-336 Debian Security Information: DSA-442 (Google Search) http://www.debian.org/security/2004/dsa-442 En Garde Linux Advisory: ESA-20030515-017 http://marc.info/?l=bugtraq&m=105301461726555&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:066 http://www.mandriva.com/security/advisories?name=MDKSA-2003:074 http://marc.info/?l=linux-kernel&m=104956079213417 http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261 http://www.redhat.com/support/errata/RHSA-2003-145.html http://www.redhat.com/support/errata/RHSA-2003-147.html http://www.redhat.com/support/errata/RHSA-2003-172.html http://www.secunia.com/advisories/8786/ http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html XForce ISS Database: data-algorithmic-complexity-dos(15382) https://exchange.xforce.ibmcloud.com/vulnerabilities/15382 Common Vulnerability Exposure (CVE) ID: CVE-2003-0246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A278 TurboLinux Advisory: TLSA-2003-41 http://www.turbolinux.com/security/TLSA-2003-41.txt http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0076.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com