English | Deutsch | Español | Português
 ID de Usuario:
 Contraseña:
Nuevo usuario
 Acerca de:   Dedicada | Avanzada | Estándar | Periódica | Sin Riesgo | Escritorio | Básica | Individual | Sello | FAQ
  Resumen de Precio/Funciones | Ordenar  | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad
 Búsqueda de    
Vulnerabilidad   
    Buscar 76783 Descripciones CVE y
40246 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.67753
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2010:0631
Resumen:Redhat Security Advisory RHSA-2010:0631
Descripción:The remote host is missing updates announced in
advisory RHSA-2010:0631.

These packages contain the Linux kernel, the core of any Linux operating
system.

Security fixes:

* unsafe sprintf() use in the Bluetooth implementation. Creating a large
number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary
memory pages being overwritten, allowing a local, unprivileged user to
cause a denial of service or escalate their privileges. (CVE-2010-1084,
Important)

* a flaw in the Unidirectional Lightweight Encapsulation implementation,
allowing a remote attacker to send a specially-crafted ISO MPEG-2 Transport
Stream frame to a target system, resulting in a denial of service.
(CVE-2010-1086, Important)

* NULL pointer dereference in nfs_wb_page_cancel(), allowing a local user
on a system that has an NFS-mounted file system to cause a denial of
service or escalate their privileges on that system. (CVE-2010-1087,
Important)

* flaw in sctp_process_unk_param(), allowing a remote attacker to send a
specially-crafted SCTP packet to an SCTP listening port on a target system,
causing a denial of service. (CVE-2010-1173, Important)

* race condition between finding a keyring by name and destroying a freed
keyring in the key management facility, allowing a local, unprivileged
user to cause a denial of service or escalate their privileges.
(CVE-2010-1437, Important)

* systems using the kernel NFS server to export a shared memory file system
and that have the sysctl overcommit_memory variable set to never overcommit
(a value of 2
by default, it is set to 0), may experience a NULL pointer
dereference, allowing a local, unprivileged user to cause a denial of
service or escalate their privileges. (CVE-2008-7256, CVE-2010-1643,
Important)

* when an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could lead to local privilege escalation on 64-bit
systems. This issue is fixed with an implementation of a stack guard
feature. (CVE-2010-2240, Important)

* flaw in CIFSSMBWrite() could allow a remote attacker to send a
specially-crafted SMB response packet to a target CIFS client, resulting in
a denial of service. (CVE-2010-2248, Important)

* buffer overflow flaws in the kernel's implementation of the server-side
XDR for NFSv4 could allow an attacker on the local network to send a
specially-crafted large compound request to the NFSv4 server, possibly
resulting in a denial of service or code execution. (CVE-2010-2521,
Important)

* NULL pointer dereference in the firewire-ohci driver used for OHCI
compliant IEEE 1394 controllers could allow a local, unprivileged user with
access to /dev/fw* files to issue certain IOCTL calls, causing a denial of
service or privilege escalation. The FireWire modules are blacklisted by
default. If enabled, only root has access to the files noted above by
default. (CVE-2009-4138, Moderate)

* flaw in the link_path_walk() function. Using the file descriptor
returned by open() with the O_NOFOLLOW flag on a subordinate NFS-mounted
file system, could result in a NULL pointer dereference, causing a denial
of service or privilege escalation. (CVE-2010-1088, Moderate)

* memory leak in release_one_tty() could allow a local, unprivileged user
to cause a denial of service. (CVE-2010-1162, Moderate)

* information leak in the USB implementation. Certain USB errors could
result in an uninitialized kernel buffer being sent to user-space. An
attacker with physical access to a target system could use this flaw to
cause an information leak. (CVE-2010-1083, Low)

Red Hat would like to thank Neil Brown for reporting CVE-2010-1084
Ang Way
Chuang for reporting CVE-2010-1086
Jukka Taimisto and Olli Jarva of
Codenomicon Ltd, Nokia Siemens Networks, and Wind River on behalf of their
customer, for responsibly reporting CVE-2010-1173
the X.Org security team
for reporting CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as
the original reporter
and Marcus Meissner for reporting CVE-2010-1083.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0631.html
http://www.redhat.com/security/updates/classification/#important
http://www.redhat.com/docs/en-US/errata/RHSA-2010-0631/Kernel_Security_Update/index.html

Risk factor : Critical
Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-7256
http://www.openwall.com/lists/oss-security/2010/05/27/1
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
XForce ISS Database: kernel-shmem-dos(59224)
http://xforce.iss.net/xforce/xfdb/59224
Common Vulnerability Exposure (CVE) ID: CVE-2009-4138
http://www.openwall.com/lists/oss-security/2009/12/15/1
Debian Security Information: DSA-2005 (Google Search)
http://www.debian.org/security/2010/dsa-2005
RedHat Security Advisories: RHSA-2010:0046
https://rhn.redhat.com/errata/RHSA-2010-0046.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
SuSE Security Announcement: SUSE-SA:2010:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
SuSE Security Announcement: SUSE-SA:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
SuSE Security Announcement: SUSE-SA:2010:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
BugTraq ID: 37339
http://www.securityfocus.com/bid/37339
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7376
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9527
http://secunia.com/advisories/38017
http://secunia.com/advisories/38276
Common Vulnerability Exposure (CVE) ID: CVE-2010-1083
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/archive/1/520102/100/0/threaded
http://lwn.net/Articles/375350/
http://lkml.org/lkml/2010/3/30/759
http://www.openwall.com/lists/oss-security/2010/02/17/1
http://www.openwall.com/lists/oss-security/2010/02/17/2
http://www.openwall.com/lists/oss-security/2010/02/18/7
http://www.openwall.com/lists/oss-security/2010/02/19/1
http://www.openwall.com/lists/oss-security/2010/02/18/4
Debian Security Information: DSA-2053 (Google Search)
http://www.debian.org/security/2010/dsa-2053
http://www.redhat.com/support/errata/RHSA-2010-0394.html
http://www.redhat.com/support/errata/RHSA-2010-0723.html
SuSE Security Announcement: SUSE-SA:2010:019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
SuSE Security Announcement: SUSE-SA:2010:023 (Google Search)
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10831
http://secunia.com/advisories/39742
http://secunia.com/advisories/39830
http://secunia.com/advisories/46397
Common Vulnerability Exposure (CVE) ID: CVE-2010-1084
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded
http://www.openwall.com/lists/oss-security/2010/03/23/1
http://security-tracker.debian.org/tracker/CVE-2010-1084
http://www.redhat.com/support/errata/RHSA-2010-0610.html
BugTraq ID: 38898
http://www.securityfocus.com/bid/38898
http://secunia.com/advisories/43315
Common Vulnerability Exposure (CVE) ID: CVE-2010-1086
http://www.openwall.com/lists/oss-security/2010/03/01/1
http://www.redhat.com/support/errata/RHSA-2010-0398.html
BugTraq ID: 38479
http://www.securityfocus.com/bid/38479
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10569
http://secunia.com/advisories/39649
Common Vulnerability Exposure (CVE) ID: CVE-2010-1087
http://www.openwall.com/lists/oss-security/2010/03/03/1
SuSE Security Announcement: SUSE-SA:2010:031 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html
BugTraq ID: 39569
http://www.securityfocus.com/bid/39569
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10442
http://secunia.com/advisories/40645
http://www.vupen.com/english/advisories/2010/1857
Common Vulnerability Exposure (CVE) ID: CVE-2010-1088
http://www.openwall.com/lists/oss-security/2010/02/24/3
http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
BugTraq ID: 39044
http://www.securityfocus.com/bid/39044
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10093
Common Vulnerability Exposure (CVE) ID: CVE-2010-1162
http://www.openwall.com/lists/oss-security/2010/04/14/1
http://www.openwall.com/lists/oss-security/2010/04/15/1
http://www.openwall.com/lists/oss-security/2010/04/15/2
http://www.openwall.com/lists/oss-security/2010/04/16/1
Common Vulnerability Exposure (CVE) ID: CVE-2010-1173
http://article.gmane.org/gmane.linux.network/159531
http://www.openwall.com/lists/oss-security/2010/04/29/1
http://www.openwall.com/lists/oss-security/2010/04/29/6
http://marc.info/?l=oss-security&m=127251068407878&w=2
http://www.redhat.com/support/errata/RHSA-2010-0474.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11416
http://secunia.com/advisories/40218
Common Vulnerability Exposure (CVE) ID: CVE-2010-1437
http://marc.info/?l=linux-kernel&m=127192182917857&w=2
http://marc.info/?l=linux-kernel&m=127274294622730&w=2
http://marc.info/?l=linux-kernel&m=127292492727029&w=2
http://www.openwall.com/lists/oss-security/2010/04/27/2
http://www.openwall.com/lists/oss-security/2010/04/28/2
BugTraq ID: 39719
http://www.securityfocus.com/bid/39719
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9715
XForce ISS Database: kernel-findkeyringbyname-dos(58254)
http://xforce.iss.net/xforce/xfdb/58254
Common Vulnerability Exposure (CVE) ID: CVE-2010-1643
http://www.openwall.com/lists/oss-security/2010/05/26/2
http://www.openwall.com/lists/oss-security/2010/05/26/6
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-knfsd-9666
BugTraq ID: 40377
http://www.securityfocus.com/bid/40377
XForce ISS Database: linux-kernel-knfsd-dos(58957)
http://xforce.iss.net/xforce/xfdb/58957
Common Vulnerability Exposure (CVE) ID: CVE-2010-2240
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/archive/1/517739/100/0/threaded
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf
Debian Security Information: DSA-2094 (Google Search)
http://www.debian.org/security/2010/dsa-2094
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
RedHat Security Advisories: RHSA-2010:0661
https://rhn.redhat.com/errata/RHSA-2010-0661.html
http://www.redhat.com/support/errata/RHSA-2010-0660.html
http://www.redhat.com/support/errata/RHSA-2010-0670.html
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13247
http://securitytracker.com/id?1024344
Common Vulnerability Exposure (CVE) ID: CVE-2010-2248
http://www.openwall.com/lists/oss-security/2010/06/28/1
http://www.openwall.com/lists/oss-security/2010/06/28/6
RedHat Security Advisories: RHSA-2010:0606
https://rhn.redhat.com/errata/RHSA-2010-0606.html
SuSE Security Announcement: SUSE-SA:2010:060 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
http://www.ubuntu.com/usn/USN-1000-1
BugTraq ID: 42242
http://www.securityfocus.com/bid/42242
http://securitytracker.com/id?1024285
Common Vulnerability Exposure (CVE) ID: CVE-2010-2521
http://www.openwall.com/lists/oss-security/2010/07/07/1
http://www.openwall.com/lists/oss-security/2010/07/09/2
http://www.redhat.com/support/errata/RHSA-2010-0893.html
http://www.redhat.com/support/errata/RHSA-2010-0907.html
SuSE Security Announcement: SUSE-SA:2010:040 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html
BugTraq ID: 42249
http://www.securityfocus.com/bid/42249
http://securitytracker.com/id?1024286
http://www.vupen.com/english/advisories/2010/3050
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 40246 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:
Usuario:
Contraseña:
Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.
Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.
   Privacidad
Ingreso de Usuario Registrado
 
Usuario:   
Contraseña:  

 ¿Olvidó su usuario o contraseña??
Email/ID de Usario:




Principal | Acerca de Nosotros | Contáctenos | Programas de Asociado | Developer APIs | Privacidad | Listas de Correo | Abuso
Auditorías de Seguridad | DNS Administrado | Monitoreo de Red | Analizador de Sitio | Informes de Investigación de Internet
Prueba de Web | Whois

© 1998-2014 E-Soft Inc. Todos los derechos reservados.