ID de Prueba:	1.3.6.1.4.1.25623.1.0.51711
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:092
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:092. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for several security issues: - numerous IGMP bugs - flaw in the page fault handler code - flaw in the handling of uselib(2) system call - flaw affecting the OUTS instruction of the AMD64 and Intel EM64T architecture - incorrect DMA lock check in Direct Rendering Manager - incorrect tables sizes used in the filesystem Native Language Support - flaw allowing users to unlock arbitrary shared memory segments - race exposed as a result of improvements to POSIX signal and tty standards - flaw in mlockall in 2.6.9 kernel - multiple flaws in sg_scsi_ioctl - missing access check regression - abritrary kernel memory read/rwite For details on these issues, please visit the referenced security advisory. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-092.html http://www.isec.pl/vulnerabilities/isec-0018-igmp.txt http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt http://www.isec.pl/vulnerabilities/isec-0022-pagefault.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1137 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0001 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0177 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0204 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1056 https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9795 http://www.redhat.com/support/errata/RHSA-2005-092.html http://www.redhat.com/support/errata/RHSA-2005-529.html http://www.redhat.com/support/errata/RHSA-2005-551.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://secunia.com/advisories/17002 https://www.ubuntu.com/usn/usn-38-1/ http://www.vupen.com/english/advisories/2005/1878 XForce ISS Database: linux-i810-dma-dos(15972) https://exchange.xforce.ibmcloud.com/vulnerabilities/15972 Common Vulnerability Exposure (CVE) ID: CVE-2004-1137 Bugtraq: 20041214 Linux kernel IGMP vulnerabilities (Google Search) Bugtraq: 20041214 [USN-38-1] Linux kernel vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110306397320336&w=2 Conectiva Linux advisory: CLA-2005:930 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://isec.pl/vulnerabilities/isec-0018-igmp.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11144 SuSE Security Announcement: SUSE-SA:2004:044 (Google Search) http://www.novell.com/linux/security/advisories/2004_44_kernel.html XForce ISS Database: linux-igmpmarksources-dos(18482) https://exchange.xforce.ibmcloud.com/vulnerabilities/18482 XForce ISS Database: linux-ipmcsource-code-execution(18481) https://exchange.xforce.ibmcloud.com/vulnerabilities/18481 Common Vulnerability Exposure (CVE) ID: CVE-2004-1235 BugTraq ID: 12190 http://www.securityfocus.com/bid/12190 Bugtraq: 20050107 Linux kernel sys_uselib local root vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110512575901427&w=2 Debian Security Information: DSA-1067 (Google Search) http://www.debian.org/security/2006/dsa-1067 Debian Security Information: DSA-1069 (Google Search) http://www.debian.org/security/2006/dsa-1069 Debian Security Information: DSA-1070 (Google Search) http://www.debian.org/security/2006/dsa-1070 Debian Security Information: DSA-1082 (Google Search) http://www.debian.org/security/2006/dsa-1082 http://www.securityfocus.com/advisories/7806 http://www.securityfocus.com/advisories/7805 http://isec.pl/vulnerabilities/isec-0021-uselib.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567 http://www.redhat.com/support/errata/RHSA-2005-016.html http://www.redhat.com/support/errata/RHSA-2005-017.html http://www.redhat.com/support/errata/RHSA-2005-043.html http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 SuSE Security Announcement: SUSE-SR:2005:001 (Google Search) http://www.novell.com/linux/security/advisories/2005_01_sr.html http://www.trustix.org/errata/2005/0001/ XForce ISS Database: linux-uselib-gain-privileges(18800) https://exchange.xforce.ibmcloud.com/vulnerabilities/18800 Common Vulnerability Exposure (CVE) ID: CVE-2005-0001 BugTraq ID: 12244 http://www.securityfocus.com/bid/12244 Bugtraq: 20050112 Linux kernel i386 SMP page fault handler privilege escalation (Google Search) http://marc.info/?l=bugtraq&m=110554694522719&w=2 Bugtraq: 20050114 [USN-60-0] Linux kernel vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110581146702951&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030826.html http://isec.pl/vulnerabilities/isec-0022-pagefault.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10322 http://securitytracker.com/id?1012862 http://secunia.com/advisories/13822 XForce ISS Database: linux-fault-handler-gain-privileges(18849) https://exchange.xforce.ibmcloud.com/vulnerabilities/18849 Common Vulnerability Exposure (CVE) ID: CVE-2005-0090 BugTraq ID: 12599 http://www.securityfocus.com/bid/12599 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10425 XForce ISS Database: red-hat-regression-dos(20618) https://exchange.xforce.ibmcloud.com/vulnerabilities/20618 Common Vulnerability Exposure (CVE) ID: CVE-2005-0091 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11249 XForce ISS Database: red-hat-patch-gain-privileges(20619) https://exchange.xforce.ibmcloud.com/vulnerabilities/20619 Common Vulnerability Exposure (CVE) ID: CVE-2005-0092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11647 XForce ISS Database: red-hat-patch-dos(20620) https://exchange.xforce.ibmcloud.com/vulnerabilities/20620 Common Vulnerability Exposure (CVE) ID: CVE-2005-0176 BugTraq ID: 12598 http://www.securityfocus.com/bid/12598 Bugtraq: 20050215 [USN-82-1] Linux kernel vulnerabilities (Google Search) http://marc.info/?l=full-disclosure&m=110846102231365&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8778 http://www.redhat.com/support/errata/RHSA-2005-472.html http://secunia.com/advisories/19607 SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U Common Vulnerability Exposure (CVE) ID: CVE-2005-0177 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10298 Common Vulnerability Exposure (CVE) ID: CVE-2005-0178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10647 Common Vulnerability Exposure (CVE) ID: CVE-2005-0179 http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9890 Common Vulnerability Exposure (CVE) ID: CVE-2005-0180 BugTraq ID: 12198 http://www.securityfocus.com/bid/12198 Bugtraq: 20050107 grsecurity 2.1.0 release / 5 Linux kernel advisories (Google Search) http://www.securityfocus.com/archive/1/386374 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10667 http://secunia.com/advisories/17826 Common Vulnerability Exposure (CVE) ID: CVE-2005-0204 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10320 http://www.redhat.com/support/errata/RHSA-2005-293.html http://secunia.com/advisories/18784 http://www.trustix.org/errata/2006/0006
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.