English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.57246
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2006:0575
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0575.

This update includes fixes for the security issues:

* a flaw in the USB devio handling of device removal that allowed a
local user to cause a denial of service (crash) (CVE-2005-3055,
moderate)

* a flaw in the ACL handling of nfsd that allowed a remote user to
bypass ACLs for readonly mounted NFS file systems (CVE-2005-3623,
moderate)

* a flaw in the netfilter handling that allowed a local user with
CAP_NET_ADMIN rights to cause a buffer overflow (CVE-2006-0038, low)

* a flaw in the IBM S/390 and IBM zSeries strnlen_user() function that
allowed a local user to cause a denial of service (crash) or to retrieve
random kernel data (CVE-2006-0456, important)

* a flaw in the keyctl functions that allowed a local user to cause a
denial of service (crash) or to read sensitive kernel memory
(CVE-2006-0457, important)

* a flaw in unaligned accesses handling on Itanium processors that
allowed a local user to cause a denial of service (crash)
(CVE-2006-0742, important)

* a flaw in SELinux ptrace logic that allowed a local user with ptrace
permissions to change the tracer SID to a SID of another process
(CVE-2006-1052, moderate)

* an info leak on AMD-based x86 and x86_64 systems that allowed a local
user to retrieve the floating point exception state of a process run by a
different user (CVE-2006-1056, important)

* a flaw in IPv4 packet output handling that allowed a remote user to
bypass the zero IP ID countermeasure on systems with a disabled firewall
(CVE-2006-1242, low)

* a minor info leak in socket option handling in the network code
(CVE-2006-1343, low)

* a flaw in the HB-ACK chunk handling of SCTP that allowed a remote user to
cause a denial of service (crash) (CVE-2006-1857, moderate)

* a flaw in the SCTP implementation that allowed a remote user to cause a
denial of service (deadlock) (CVE-2006-2275, moderate)

* a flaw in the socket buffer handling that allowed a remote user to cause
a denial of service (panic) (CVE-2006-2446, important)

* a flaw in the signal handling access checking on PowerPC that allowed a
local user to cause a denial of service (crash) or read arbitrary kernel
memory on 64-bit systems (CVE-2006-2448, important)

* a flaw in the netfilter SCTP module when receiving a chunkless packet
that allowed a remote user to cause a denial of service (crash)
(CVE-2006-2934, important)

There were several bug fixes in various parts of the kernel. The ongoing
effort to resolve these problems has resulted in a marked improvement
in the reliability and scalability of Red Hat Enterprise Linux 4.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0575.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Critical

CVSS Score:
9.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-3055
14955
http://www.securityfocus.com/bid/14955
17826
http://secunia.com/advisories/17826
17917
http://secunia.com/advisories/17917
17918
http://secunia.com/advisories/17918
19374
http://secunia.com/advisories/19374
21035
http://secunia.com/advisories/21035
21136
http://secunia.com/advisories/21136
21465
http://secunia.com/advisories/21465
21983
http://secunia.com/advisories/21983
22417
http://secunia.com/advisories/22417
ADV-2005-1863
http://www.vupen.com/english/advisories/2005/1863
DSA-1017
http://www.debian.org/security/2006/dsa-1017
MDKSA-2005:218
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
MDKSA-2005:219
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
MDKSA-2005:220
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
MDKSA-2005:235
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
RHSA-2006:0437
http://www.redhat.com/support/errata/RHSA-2006-0437.html
RHSA-2006:0575
http://www.redhat.com/support/errata/RHSA-2006-0575.html
RHSA-2006:0579
http://www.redhat.com/support/errata/RHSA-2006-0579.html
RHSA-2006:0580
http://www.redhat.com/support/errata/RHSA-2006-0580.html
SUSE-SA:2005:067
http://www.securityfocus.com/advisories/9806
SUSE-SA:2005:068
http://www.securityfocus.com/archive/1/419522/100/0/threaded
USN-219-1
https://usn.ubuntu.com/219-1/
[linux-kernel] 20050925 [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
http://marc.info/?l=linux-kernel&m=112766129313883
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
oval:org.mitre.oval:def:9472
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9472
Common Vulnerability Exposure (CVE) ID: CVE-2005-3623
16570
http://www.securityfocus.com/bid/16570
18788
http://secunia.com/advisories/18788
19038
http://secunia.com/advisories/19038
SUSE-SA:2006:006
http://www.novell.com/linux/security/advisories/2006_06_kernel.html
SUSE-SA:2006:012
http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html
http://lkml.org/lkml/2005/12/23/171
oval:org.mitre.oval:def:11707
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11707
Common Vulnerability Exposure (CVE) ID: CVE-2006-0038
17178
http://www.securityfocus.com/bid/17178
19330
http://secunia.com/advisories/19330
20671
http://secunia.com/advisories/20671
20716
http://secunia.com/advisories/20716
20914
http://secunia.com/advisories/20914
ADV-2006-1046
http://www.vupen.com/english/advisories/2006/1046
ADV-2006-2554
http://www.vupen.com/english/advisories/2006/2554
DSA-1097
http://www.debian.org/security/2006/dsa-1097
DSA-1103
http://www.debian.org/security/2006/dsa-1103
USN-302-1
http://www.ubuntu.com/usn/usn-302-1
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee4bb818ae35f68d1f848eae0a7b150a38eb4168
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186295
linux-netfilter-doreplace-overflow(25400)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25400
oval:org.mitre.oval:def:10945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10945
Common Vulnerability Exposure (CVE) ID: CVE-2006-0456
18687
http://www.securityfocus.com/bid/18687
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=331c46591414f7f92b1cec048009abe89892ee79
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=331c46591414f7f92b1cec048009abe89892ee79
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.16-rc6
http://www.mail-archive.com/kernel-svn-changes%40lists.alioth.debian.org/msg01631.html
oval:org.mitre.oval:def:9909
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9909
Common Vulnerability Exposure (CVE) ID: CVE-2006-0457
17084
http://www.securityfocus.com/bid/17084
19220
http://secunia.com/advisories/19220
20398
http://secunia.com/advisories/20398
23894
http://www.osvdb.org/23894
MDKSA-2006:059
http://www.mandriva.com/security/advisories?name=MDKSA-2006:059
SUSE-SA:2006:028
http://www.novell.com/linux/security/advisories/2006-05-31.html
USN-263-1
https://usn.ubuntu.com/263-1/
kernel-addkey-dos(25354)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25354
oval:org.mitre.oval:def:9566
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9566
Common Vulnerability Exposure (CVE) ID: CVE-2006-0742
16993
http://www.securityfocus.com/bid/16993
19078
http://secunia.com/advisories/19078
19607
http://secunia.com/advisories/19607
20060402-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
23660
http://www.osvdb.org/23660
ADV-2006-0856
http://www.vupen.com/english/advisories/2006/0856
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.6
kernel-dieifkernel-dos(25068)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25068
oval:org.mitre.oval:def:10742
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10742
Common Vulnerability Exposure (CVE) ID: CVE-2006-1052
17830
http://www.securityfocus.com/bid/17830
19955
http://secunia.com/advisories/19955
20157
http://secunia.com/advisories/20157
22093
http://secunia.com/advisories/22093
25232
http://www.osvdb.org/25232
DSA-1184
http://www.debian.org/security/2006/dsa-1184
MDKSA-2006:086
http://www.mandriva.com/security/advisories?name=MDKSA-2006:086
USN-281-1
https://usn.ubuntu.com/281-1/
[git-commits-head] 20060311 [PATCH] selinux: tracer SID fix
http://marc.info/?l=git-commits-head&m=114210002712363&w=2
[selinux] 20060313 [SECURITY] SELinux ptrace bug (CVE-2006-1052)
http://marc.info/?l=selinux&m=114226465106131&w=2
http://selinuxnews.org/wp/index.php/2006/03/13/security-ptrace-bug-cve-2006-1052/
oval:org.mitre.oval:def:10102
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10102
Common Vulnerability Exposure (CVE) ID: CVE-2006-1056
1015966
http://securitytracker.com/id?1015966
17600
http://www.securityfocus.com/bid/17600
19715
http://secunia.com/advisories/19715
19724
http://secunia.com/advisories/19724
19735
http://secunia.com/advisories/19735
20060419 FreeBSD Security Advisory FreeBSD-SA-06:14.fpu
http://www.securityfocus.com/archive/1/431341
20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
http://www.securityfocus.com/archive/1/451419/100/200/threaded
20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
http://www.securityfocus.com/archive/1/451404/100/0/threaded
20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
http://www.securityfocus.com/archive/1/451417/100/200/threaded
20061113 VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue
http://www.securityfocus.com/archive/1/451421/100/0/threaded
22875
http://secunia.com/advisories/22875
22876
http://secunia.com/advisories/22876
24746
http://www.osvdb.org/24746
24807
http://www.osvdb.org/24807
ADV-2006-1426
http://www.vupen.com/english/advisories/2006/1426
ADV-2006-1475
http://www.vupen.com/english/advisories/2006/1475
ADV-2006-4353
http://www.vupen.com/english/advisories/2006/4353
ADV-2006-4502
http://www.vupen.com/english/advisories/2006/4502
FEDORA-2006-423
http://lwn.net/Alerts/180820/
FreeBSD-SA-06:14
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc
SUSE-SU-2014:0446
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
[linux-kernel] 20060419 RE: Linux 2.6.16.9
http://marc.info/?l=linux-kernel&m=114548768214478&w=2
amd-fpu-information-disclosure(25871)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25871
http://kb.vmware.com/kb/2533126
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9
http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt
http://www.vmware.com/download/esx/esx-213-200610-patch.html
http://www.vmware.com/download/esx/esx-254-200610-patch.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911
oval:org.mitre.oval:def:9995
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995
Common Vulnerability Exposure (CVE) ID: CVE-2006-1242
BugTraq ID: 17109
http://www.securityfocus.com/bid/17109
Bugtraq: 20060314 Linux zero IP ID vulnerability? (Google Search)
http://www.securityfocus.com/archive/1/427622/100/0/threaded
Bugtraq: 20060323 Re: Linux zero IP ID vulnerability? (Google Search)
http://www.securityfocus.com/archive/1/427753/100/0/threaded
http://www.securityfocus.com/archive/1/427893/100/0/threaded
http://www.securityfocus.com/archive/1/428605/30/6210/threaded
Debian Security Information: DSA-1097 (Google Search)
Debian Security Information: DSA-1103 (Google Search)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10317
http://secunia.com/advisories/19402
SuSE Security Announcement: SUSE-SA:2006:028 (Google Search)
http://www.vupen.com/english/advisories/2006/1140
Common Vulnerability Exposure (CVE) ID: CVE-2006-1343
BugTraq ID: 17203
http://www.securityfocus.com/bid/17203
Bugtraq: 20060531 rPSA-2006-0087-1 kernel (Google Search)
http://www.securityfocus.com/archive/1/435490/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (Google Search)
Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search)
Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search)
Bugtraq: 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451426/100/200/threaded
Debian Security Information: DSA-1184 (Google Search)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://marc.info/?l=linux-netdev&m=114148078223594&w=2
http://www.osvdb.org/29841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875
http://secunia.com/advisories/19357
http://secunia.com/advisories/21045
http://www.trustix.org/errata/2006/0032/
http://www.vupen.com/english/advisories/2006/2071
XForce ISS Database: linux-sockaddr-memory-leak(25425)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25425
Common Vulnerability Exposure (CVE) ID: CVE-2006-1857
18085
http://www.securityfocus.com/bid/18085
20185
http://secunia.com/advisories/20185
21045
21179
http://secunia.com/advisories/21179
21476
http://secunia.com/advisories/21476
21498
http://secunia.com/advisories/21498
25695
http://www.osvdb.org/25695
ADV-2006-1893
http://www.vupen.com/english/advisories/2006/1893
MDKSA-2006:123
MDKSA-2006:150
SUSE-SA:2006:042
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
SUSE-SA:2006:047
http://www.novell.com/linux/security/advisories/2006_47_kernel.html
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.17
linux-sctp-hback-dos(26584)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26584
oval:org.mitre.oval:def:10622
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10622
Common Vulnerability Exposure (CVE) ID: CVE-2006-2275
BugTraq ID: 17955
http://www.securityfocus.com/bid/17955
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11295
http://www.trustix.org/errata/2006/0026
XForce ISS Database: linux-sctp-receive-dos(26433)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26433
Common Vulnerability Exposure (CVE) ID: CVE-2006-2446
19475
http://www.securityfocus.com/bid/19475
22082
http://secunia.com/advisories/22082
DSA-1183
http://www.debian.org/security/2006/dsa-1183
MDKSA-2007:025
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779
oval:org.mitre.oval:def:9117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117
Common Vulnerability Exposure (CVE) ID: CVE-2006-2448
18616
http://www.securityfocus.com/bid/18616
2006-0037
http://www.trustix.org/errata/2006/0037
20060623 rPSA-2006-0110-1 kernel
http://www.securityfocus.com/archive/1/438168/100/0/threaded
20703
http://secunia.com/advisories/20703
20831
http://secunia.com/advisories/20831
20991
http://secunia.com/advisories/20991
ADV-2006-2451
http://www.vupen.com/english/advisories/2006/2451
USN-311-1
http://www.ubuntu.com/usn/usn-311-1
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c85d1f9d358b24c5b05c3a2783a78423775a080
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.21
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194215
oval:org.mitre.oval:def:10040
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10040
Common Vulnerability Exposure (CVE) ID: CVE-2006-2934
18755
http://www.securityfocus.com/bid/18755
20060707 rPSA-2006-0122-1 kernel
http://www.securityfocus.com/archive/1/439483/100/100/threaded
20060710 Re: rPSA-2006-0122-1 kernel
http://www.securityfocus.com/archive/1/439610/100/100/threaded
20917
http://secunia.com/advisories/20917
20986
http://secunia.com/advisories/20986
21298
http://secunia.com/advisories/21298
21614
http://secunia.com/advisories/21614
21934
http://secunia.com/advisories/21934
26963
http://www.osvdb.org/26963
ADV-2006-2623
http://www.vupen.com/english/advisories/2006/2623
MDKSA-2006:151
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
USN-331-1
http://www.ubuntu.com/usn/usn-331-1
USN-346-1
http://www.ubuntu.com/usn/usn-346-1
VU#717844
http://www.kb.cert.org/vuls/id/717844
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git%3Ba=commit%3Bh=9c48e1ea8cf8800cc5e2d39ccbb8b5ff9704f8e9
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.23
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.3
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197387
https://issues.rpath.com/browse/RPL-488
oval:org.mitre.oval:def:10932
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10932
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.