English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.58901
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2007:0347
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0347.

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the following security issues:

* a flaw in the handling of IPv6 type 0 routing headers that allowed remote
users to cause a denial of service that led to a network amplification
between two routers (CVE-2007-2242, Important).

* a flaw in the nfnetlink_log netfilter module that allowed a local user to
cause a denial of service (CVE-2007-1496, Important).

* a flaw in the flow list of listening IPv6 sockets that allowed a local
user to cause a denial of service (CVE-2007-1592, Important).

* a flaw in the handling of netlink messages that allowed a local user to
cause a denial of service (infinite recursion) (CVE-2007-1861, Important).

* a flaw in the IPv4 forwarding base that allowed a local user to cause an
out-of-bounds access (CVE-2007-2172, Important).

* a flaw in the nf_conntrack netfilter module for IPv6 that allowed remote
users to bypass certain netfilter rules using IPv6 fragments
(CVE-2007-1497, Moderate).

In addition to the security issues described above, fixes for the following
have been included:

* a regression in ipv6 routing.

* an error in memory initialization that caused gdb to output inaccurate
backtraces on ia64.

* the nmi watchdog timeout was updated from 5 to 30 seconds.

* a flaw in distributed lock management that could result in errors during
virtual machine migration.

* an omitted include in kernel-headers that led to compile failures for
some packages.

Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0347.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score:
7.8

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1496
BugTraq ID: 22946
http://www.securityfocus.com/bid/22946
Debian Security Information: DSA-1289 (Google Search)
http://www.debian.org/security/2007/dsa-1289
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9831
http://www.redhat.com/support/errata/RHSA-2007-0347.html
http://secunia.com/advisories/24492
http://secunia.com/advisories/25228
http://secunia.com/advisories/25288
http://secunia.com/advisories/25392
http://secunia.com/advisories/25961
http://secunia.com/advisories/26620
SuSE Security Announcement: SUSE-SA:2007:043 (Google Search)
http://www.novell.com/linux/security/advisories/2007_43_kernel.html
http://www.ubuntu.com/usn/usn-464-1
http://www.vupen.com/english/advisories/2007/0944
Common Vulnerability Exposure (CVE) ID: CVE-2007-1497
BugTraq ID: 23976
http://www.securityfocus.com/bid/23976
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://www.osvdb.org/33028
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10457
Common Vulnerability Exposure (CVE) ID: CVE-2007-1592
BugTraq ID: 23104
http://www.securityfocus.com/bid/23104
Debian Security Information: DSA-1286 (Google Search)
http://www.debian.org/security/2007/dsa-1286
Debian Security Information: DSA-1304 (Google Search)
http://www.debian.org/security/2007/dsa-1304
Debian Security Information: DSA-1503 (Google Search)
http://www.debian.org/security/2008/dsa-1503
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478
http://marc.info/?l=linux-netdev&m=117406721731891&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10130
RedHat Security Advisories: RHBA-2007-0304
http://rhn.redhat.com/errata/RHBA-2007-0304.html
RedHat Security Advisories: RHSA-2007:0436
http://rhn.redhat.com/errata/RHSA-2007-0436.html
http://www.redhat.com/support/errata/RHSA-2007-0672.html
http://www.redhat.com/support/errata/RHSA-2007-0673.html
http://secunia.com/advisories/24618
http://secunia.com/advisories/24777
http://secunia.com/advisories/25078
http://secunia.com/advisories/25099
http://secunia.com/advisories/25226
http://secunia.com/advisories/25630
http://secunia.com/advisories/25683
http://secunia.com/advisories/25714
http://secunia.com/advisories/26379
http://secunia.com/advisories/27528
http://secunia.com/advisories/29058
SuSE Security Announcement: SUSE-SA:2007:029 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html
SuSE Security Announcement: SUSE-SA:2007:030 (Google Search)
http://www.novell.com/linux/security/advisories/2007_30_kernel.html
SuSE Security Announcement: SUSE-SA:2007:035 (Google Search)
http://www.novell.com/linux/security/advisories/2007_35_kernel.html
http://www.vupen.com/english/advisories/2007/1084
XForce ISS Database: kernel-tcpv6synrecvsoc-dos(33176)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33176
Common Vulnerability Exposure (CVE) ID: CVE-2007-1861
BugTraq ID: 23677
http://www.securityfocus.com/bid/23677
Bugtraq: 20070508 FLEA-2007-0016-1: kernel (Google Search)
http://www.securityfocus.com/archive/1/467939/30/6690/threaded
Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen (Google Search)
http://www.securityfocus.com/archive/1/471457
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11616
http://secunia.com/advisories/25030
http://secunia.com/advisories/25083
http://secunia.com/advisories/25691
http://secunia.com/advisories/26133
http://secunia.com/advisories/26139
http://www.ubuntu.com/usn/usn-486-1
http://www.ubuntu.com/usn/usn-489-1
http://www.vupen.com/english/advisories/2007/1595
XForce ISS Database: kernel-netlinkfiblookup-dos(34014)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34014
Common Vulnerability Exposure (CVE) ID: CVE-2007-2172
BugTraq ID: 23447
http://www.securityfocus.com/bid/23447
Debian Security Information: DSA-1356 (Google Search)
http://www.debian.org/security/2007/dsa-1356
Debian Security Information: DSA-1363 (Google Search)
http://www.debian.org/security/2007/dsa-1363
Debian Security Information: DSA-1504 (Google Search)
http://www.debian.org/security/2008/dsa-1504
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10764
RedHat Security Advisories: RHSA-2007:0488
http://rhn.redhat.com/errata/RHSA-2007-0488.html
http://www.redhat.com/support/errata/RHSA-2007-1049.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
http://secunia.com/advisories/25068
http://secunia.com/advisories/25838
http://secunia.com/advisories/26289
http://secunia.com/advisories/26450
http://secunia.com/advisories/26647
http://secunia.com/advisories/27913
http://secunia.com/advisories/33280
http://www.vupen.com/english/advisories/2007/2690
XForce ISS Database: kernel-dnfibprops-fibprops-dos(33979)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33979
Common Vulnerability Exposure (CVE) ID: CVE-2007-2242
BugTraq ID: 23615
http://www.securityfocus.com/bid/23615
CERT/CC vulnerability note: VU#267289
http://www.kb.cert.org/vuls/id/267289
FreeBSD Security Advisory: FreeBSD-SA-07:03.ipv6
http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
OpenBSD Security Advisory: [3.9] 20070423 022: SECURITY FIX: April 23, 2007
http://openbsd.org/errata39.html#022_route6
OpenBSD Security Advisory: [4.0] 20070423 012: SECURITY FIX: April 23, 2007
http://openbsd.org/errata40.html#012_route6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574
http://www.securitytracker.com/id?1017949
http://secunia.com/advisories/24978
http://secunia.com/advisories/25033
http://secunia.com/advisories/25770
http://secunia.com/advisories/26651
http://secunia.com/advisories/26664
http://secunia.com/advisories/26703
http://secunia.com/advisories/28806
SuSE Security Announcement: SUSE-SA:2007:051 (Google Search)
http://www.novell.com/linux/security/advisories/2007_51_kernel.html
SuSE Security Announcement: SUSE-SA:2008:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://www.ubuntu.com/usn/usn-508-1
http://www.vupen.com/english/advisories/2007/1563
http://www.vupen.com/english/advisories/2007/2270
http://www.vupen.com/english/advisories/2007/3050
XForce ISS Database: openbsd-ipv6-type0-dos(33851)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33851
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.