ID de Prueba:	1.3.6.1.4.1.25623.1.0.51973
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2005:945
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2005:945. The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system. The following vulnerabilities are being fixed in this update: 1. CVE-2005-0767 Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allows local users with DRI privileges to execute arbitrary code as root. 2. CVE-2005-0209 Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments. 3. CVE-2005-0449 The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function. 4. CVE-2005-0210 Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice. These other changes have also been made: - the base kernel has been upgraded to version 2.6.11. - the NVidia driver has been upgraded to version 7167 - DRBD has been upgraded to version 0.7.10 - the hsfmodem driver has been upgraded to version 7.18.00.03full - the slmodem driver has been upgraded to version 2.9.10 - the ndiswrapper driver has been upgraded to version 1.1 - lm_sensors has been upgraded to version 2.9.0[11] Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://linux.bkbits.net:8080/linux-2.6/cset@42088d17CO1mOAfgW4R46WRTm9gkwA http://linux.bkbits.net:8080/linux-2.6/gnupatch@41f59581p1swNaow4K1aBglV-q2jfQ http://linux.bkbits.net:8080/linux-2.6/gnupatch@41f8843a8ZMCNuP3meYAYnnXd3CO_g http://linux.bkbits.net:8080/linux-2.5/gnupatch@41fd96c39V0t4MxKFxE1aZn2f4b5UA http://linux.bkbits.net:8080/linux-2.5/gnupatch@41fdb84aBJklcjU85o1N1_dsch6HBw http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html http://bugzilla.conectiva.com.br/show_bug.cgi?id=13716 http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:945 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000945 Risk factor : High CVSS Score: 7.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0767 Conectiva Linux advisory: CLA-2005:945 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000945 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10431 RedHat Security Advisories: RHSA-2005:366 https://usn.ubuntu.com/95-1/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0209 BugTraq ID: 12598 http://www.securityfocus.com/bid/12598 Bugtraq: 20050315 [USN-95-1] Linux kernel vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=111091402626556&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11855 http://www.redhat.com/support/errata/RHSA-2005-420.html SuSE Security Announcement: SUSE-SA:2005:018 (Google Search) http://www.novell.com/linux/security/advisories/2005_18_kernel.html Common Vulnerability Exposure (CVE) ID: CVE-2005-0449 Debian Security Information: DSA-1017 (Google Search) http://www.debian.org/security/2006/dsa-1017 Debian Security Information: DSA-1018 (Google Search) http://www.debian.org/security/2006/dsa-1018 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://oss.sgi.com/archives/netdev/2005-01/msg01036.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10753 http://www.redhat.com/support/errata/RHSA-2005-283.html http://www.redhat.com/support/errata/RHSA-2005-284.html http://www.redhat.com/support/errata/RHSA-2005-293.html http://secunia.com/advisories/19369 http://secunia.com/advisories/19374 http://secunia.com/advisories/19607 SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U https://usn.ubuntu.com/82-1/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0210 BugTraq ID: 12816 http://www.securityfocus.com/bid/12816 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 http://www.osvdb.org/14966 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10275 http://rhn.redhat.com/errata/RHSA-2005-366.html RedHat Security Advisories: RHSA-2005:663 http://rhn.redhat.com/errata/RHSA-2005-663.html http://secunia.com/advisories/14295 http://secunia.com/advisories/17002 http://secunia.com/advisories/17826 http://www.vupen.com/english/advisories/2005/1878
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.