Conectiva Local Security Checks : Conectiva Security Advisory CLA-2004:799

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51326
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2004:799
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2004:799. The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system. This announcement fixes two local vulnerabilities in the kernel package: 1) mremap() local vulnerability (CVE-2003-0985[2]) Paul Starzetz from iSEC Security Research reported[1] another vulnerability in the Linux memory management code which can be used by local attackers to obtain root privileges or cause a denial of service condition (DoS). 2) Information leak in RTC code (CVE-2003-0984[3]) Russell King reported that real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://isec.pl/vulnerabilities/isec-0013-mremap.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0985 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0984 http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:799 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0985 BugTraq ID: 9356 http://www.securityfocus.com/bid/9356 Bugtraq: 20040105 Linux kernel do_mremap() proof-of-concept exploit code (Google Search) http://marc.info/?l=bugtraq&m=107340358402129&w=2 Bugtraq: 20040105 Linux kernel mremap vulnerability (Google Search) http://marc.info/?l=bugtraq&m=107332782121916&w=2 Bugtraq: 20040106 Linux mremap bug correction (Google Search) http://marc.info/?l=bugtraq&m=107340814409017&w=2 Bugtraq: 20040107 [slackware-security] Kernel security update (SSA:2004-006-01) (Google Search) http://marc.info/?l=bugtraq&m=107350348418373&w=2 Bugtraq: 20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-01/0070.html Bugtraq: 20040112 SmoothWall Project Security Advisory SWP-2004:001 (Google Search) http://marc.info/?l=bugtraq&m=107394143105081&w=2 CERT/CC vulnerability note: VU#490620 http://www.kb.cert.org/vuls/id/490620 Computer Incident Advisory Center Bulletin: O-045 http://www.ciac.org/ciac/bulletins/o-045.shtml Conectiva Linux advisory: CLA-2004:799 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799 Debian Security Information: DSA-1067 (Google Search) http://www.debian.org/security/2006/dsa-1067 Debian Security Information: DSA-1069 (Google Search) http://www.debian.org/security/2006/dsa-1069 Debian Security Information: DSA-1070 (Google Search) http://www.debian.org/security/2006/dsa-1070 Debian Security Information: DSA-1082 (Google Search) http://www.debian.org/security/2006/dsa-1082 Debian Security Information: DSA-413 (Google Search) http://www.debian.org/security/2004/dsa-413 Debian Security Information: DSA-417 (Google Search) http://www.debian.org/security/2004/dsa-417 Debian Security Information: DSA-423 (Google Search) http://www.debian.org/security/2004/dsa-423 Debian Security Information: DSA-427 (Google Search) http://www.debian.org/security/2004/dsa-427 Debian Security Information: DSA-439 (Google Search) http://www.debian.org/security/2004/dsa-439 Debian Security Information: DSA-440 (Google Search) http://www.debian.org/security/2004/dsa-440 Debian Security Information: DSA-442 (Google Search) http://www.debian.org/security/2004/dsa-442 Debian Security Information: DSA-450 (Google Search) http://www.debian.org/security/2004/dsa-450 Debian Security Information: DSA-470 (Google Search) http://www.debian.org/security/2004/dsa-470 Debian Security Information: DSA-475 (Google Search) http://www.debian.org/security/2004/dsa-475 En Garde Linux Advisory: ESA-20040105-001 http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html Immunix Linux Advisory: IMNX-2004-73-001-01 http://download.immunix.org/ImmunixOS/7.3/updates/IMNX-2004-73-001-01 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:001 http://isec.pl/vulnerabilities/isec-0013-mremap.txt http://www.osvdb.org/3315 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A860 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A867 http://www.redhat.com/support/errata/RHSA-2003-416.html http://www.redhat.com/support/errata/RHSA-2003-417.html http://www.redhat.com/support/errata/RHSA-2003-418.html http://www.redhat.com/support/errata/RHSA-2003-419.html http://secunia.com/advisories/10532 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 SGI Security Advisory: 20040102-01-U ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U SuSE Security Announcement: SuSE-SA:2004:001 (Google Search) SuSE Security Announcement: SuSE-SA:2004:003 (Google Search) http://www.novell.com/linux/security/advisories/2004_03_linux_kernel.html http://marc.info/?l=bugtraq&m=107332754521495&w=2 XForce ISS Database: linux-domremap-gain-privileges(14135) https://exchange.xforce.ibmcloud.com/vulnerabilities/14135 Common Vulnerability Exposure (CVE) ID: CVE-2003-0984 BugTraq ID: 9154 http://www.securityfocus.com/bid/9154 http://www.redhat.com/archives/fedora-announce-list/2004-January/msg00000.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:001 http://www.osvdb.org/3317 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A859 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9406 http://www.redhat.com/support/errata/RHSA-2004-188.html http://www.securitytracker.com/id?1008594 http://secunia.com/advisories/10533 http://secunia.com/advisories/10536 http://secunia.com/advisories/10537 http://secunia.com/advisories/10538 http://secunia.com/advisories/10555 http://secunia.com/advisories/10582 http://secunia.com/advisories/10583 http://secunia.com/advisories/20162 SuSE Security Announcement: SuSE-SA:2003:049 (Google Search) http://www.novell.com/linux/security/advisories/2003_049_kernel.html XForce ISS Database: linux-rtc-memory-leak(13943) https://exchange.xforce.ibmcloud.com/vulnerabilities/13943
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com