
Test ID: 1.3.6.1.4.1.25623.1.0.51352
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2004:852
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory CLA-2004:852.

The Linux kernel is responsible for handling the basic functions of
the GNU/Linux operating system.

This announcement fixes the following vulnerabilities:

1. Integer overflow in netfilter's tcp_find_option function
(CVE-2004-0626[1])

Adam Osuchowski and Tomasz Dubinski noticed[2] that when using
iptables and TCP options rules, the tcp_find_option function of the
netfilter subsystem in Linux kernel 2.6 allows remote attackers to
cause a denial of service via a large option length that produces a
negative integer after a casting operation to the char type. They
also provided the correction for this bug.

2. Missing DAC checks in inode_change_ok function
(CVE-2004-0497[3])

Missing Discretionary Access Control (DAC) checks in chown system
call allowed a local user to change the group ownership of arbitrary
files to a group that he or she belongs to, leading to a privilege
escalation vulnerability.

3. Integer overflow in ip_setsockopt function (CVE-2004-0424[4])

iSEC Security Research published[5] an integer overflow
vulnerability[4] in the ip_setsockopt function on Linux kernel 2.6.1
through 2.6.3 which allows local users to cause a denial of service
condition or execute arbitrary code via the MCAST_MSFILTER socket
option.

4. Incorrect usage of the fb_copy_cmap function in framebuffer
(CVE-2004-0229[6])

The framebuffer driver in Linux kernel 2.6.x did not properly use the
fb_copy_cmap function, possibly allowing privilege escalation for
local attackers.

5. Integer overflow in the cpufreq proc handler (CVE-2004-0228[7])

Brad Spender found an integer overflow bug in the Linux kernel
cpufreq code that allowed a local attacker to read arbitrary kernel
memory.
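
A simplified model of the option walk from item 1 (CVE-2004-0626), added here as an illustration and not taken from the advisory or the kernel source; the function names, the step budget and the four-byte sample buffer are constructed for the example. It shows why reading the length byte through a signed char lets the index move backwards, and why reading it as an unsigned byte makes every step advance.

```c
#include <stdint.h>
#include <stdio.h>

#define STEP_BUDGET 1000 /* demo stand-in for "the loop never returns" */

/* Constructed sample: NOP, NOP, then kind 8 with length byte 0xFE. */
static const uint8_t constructed_opts[4] = { 0x01, 0x01, 0x08, 0xFE };

/* Pre-fix model: option bytes are read through a signed char. */
static int find_option_signed(const uint8_t *raw, unsigned int optlen, uint8_t option)
{
    const signed char *opt = (const signed char *)raw;
    unsigned int i, steps = 0;

    for (i = 0; i < optlen; ) {
        if (++steps > STEP_BUDGET)
            return -1;                        /* walk is cycling, give up */
        if ((uint8_t)opt[i] == option)
            return 1;
        if (opt[i] < 2 || i + 1 >= optlen)
            i++;                              /* EOL/NOP, or no length byte left */
        else
            i += opt[i + 1] ? opt[i + 1] : 1; /* 0xFE is -2: i moves backwards */
    }
    return 0;
}

/* Fixed model: the same walk over unsigned bytes. */
static int find_option_unsigned(const uint8_t *opt, unsigned int optlen, uint8_t option)
{
    unsigned int i;

    for (i = 0; i < optlen; ) {
        if (opt[i] == option)
            return 1;
        if (opt[i] < 2 || i + 1 >= optlen)
            i++;
        else
            i += opt[i + 1] ? opt[i + 1] : 1; /* always advances by 1..255 */
    }
    return 0;
}

int main(void)
{
    printf("signed walk:   %d\n", find_option_signed(constructed_opts, 4, 5));
    printf("unsigned walk: %d\n", find_option_unsigned(constructed_opts, 4, 5));
    return 0;
}
```

A return value of -1 from the signed walk means the step budget ran out, which in a kernel code path without such a budget corresponds to the denial of service the advisory describes.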


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0626
http://www.securityfocus.com/archive/1/367615/2004-06-27/2004-07-03/0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0424
http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0229
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0228
http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html
http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:852
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004

Risk factor : High

CVSS Score:
7.2

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2004-0626
Bugtraq: 20040630 Remote DoS vulnerability in Linux kernel 2.6.x
http://marc.info/?l=bugtraq&m=108861141304495&w=2
Conectiva Linux advisory: CLA-2004:852
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852
http://lwn.net/Articles/91964/
http://www.gentoo.org/security/en/glsa/glsa-200407-12.xml
SuSE Security Announcement: SUSE-SA:2004:020
http://www.novell.com/linux/security/advisories/2004_20_kernel.html
XForce ISS Database: linux-tcpfindoption-dos(16554)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16554
Common Vulnerability Exposure (CVE) ID: CVE-2004-0497
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867
http://www.redhat.com/support/errata/RHSA-2004-354.html
http://www.redhat.com/support/errata/RHSA-2004-360.html
XForce ISS Database: linux-fchown-groupid-modify(16599)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
Common Vulnerability Exposure (CVE) ID: CVE-2004-0424
BugTraq ID: 10179
http://www.securityfocus.com/bid/10179
Bugtraq: 20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow
http://marc.info/?l=bugtraq&m=108253171301153&w=2
En Garde Linux Advisory: ESA-20040428-004
http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html
http://www.mandriva.com/security/advisories?name=MDKSA-2004:037
http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939
http://www.redhat.com/support/errata/RHSA-2004-183.html
SGI Security Advisory: 20040504-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.659586
SuSE Security Announcement: SuSE-SA:2004:010
http://www.novell.com/linux/security/advisories/2004_10_kernel.html
XForce ISS Database: linux-ipsetsockopt-integer-bo(15907)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15907
Common Vulnerability Exposure (CVE) ID: CVE-2004-0229
BugTraq ID: 10211
http://www.securityfocus.com/bid/10211
http://security.gentoo.org/glsa/glsa-200407-02.xml
XForce ISS Database: linux-framebuffer(15974)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15974
Common Vulnerability Exposure (CVE) ID: CVE-2004-0228
http://fedoranews.org/updates/FEDORA-2004-111.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:050
http://secunia.com/advisories/11429
http://secunia.com/advisories/11464
http://secunia.com/advisories/11486
http://secunia.com/advisories/11491
http://secunia.com/advisories/11683
XForce ISS Database: linux-cpufreq-info-disclosure(15951)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15951
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
