English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.69169
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2011:0007
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0007.

* Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable
permissions (which it does not, by default, on Red Hat Enterprise Linux 6),
a local, unprivileged user could use this flaw to cause a denial of service
or possibly escalate their privileges. (CVE-2010-2492, Important)

* Integer overflow in the RDS protocol implementation could allow a local,
unprivileged user to cause a denial of service or escalate their
privileges. (CVE-2010-3865, Important)

* Missing boundary checks in the PPP over L2TP sockets implementation could
allow a local, unprivileged user to cause a denial of service or escalate
their privileges. (CVE-2010-4160, Important)

* NULL pointer dereference in the igb driver. If both Single Root I/O
Virtualization (SR-IOV) and promiscuous mode were enabled on an interface
using igb, it could result in a denial of service when a tagged VLAN packet
is received on that interface. (CVE-2010-4263, Important)

* Missing initialization flaw in the XFS file system implementation, and in
the network traffic policing implementation, could allow a local,
unprivileged user to cause an information leak. (CVE-2010-3078,
CVE-2010-3477, Moderate)

* NULL pointer dereference in the Open Sound System compatible sequencer
driver could allow a local, unprivileged user with access to /dev/sequencer
to cause a denial of service. /dev/sequencer is only accessible to root and
users in the audio group by default. (CVE-2010-3080, Moderate)

* Flaw in the ethtool IOCTL handler could allow a local user to cause an
information leak. (CVE-2010-3861, Moderate)

* Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast
Manager. On 64-bit systems, writing the socket address may overflow the
procname character array. (CVE-2010-3874, Moderate)

* Flaw in the module for monitoring the sockets of INET transport
protocols could allow a local, unprivileged user to cause a denial of
service. (CVE-2010-3880, Moderate)

* Missing boundary checks in the block layer implementation could allow a
local, unprivileged user to cause a denial of service. (CVE-2010-4162,
CVE-2010-4163, CVE-2010-4668, Moderate)

* NULL pointer dereference in the Bluetooth HCI UART driver could allow a
local, unprivileged user to cause a denial of service. (CVE-2010-4242,
Moderate)

* Flaw in the Linux kernel CPU time clocks implementation for the POSIX
clock interface could allow a local, unprivileged user to cause a denial of
service. (CVE-2010-4248, Moderate)

* Flaw in the garbage collector for AF_UNIX sockets could allow a local,
unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)

* Missing upper bound integer check in the AIO implementation could allow a
local, unprivileged user to cause an information leak. (CVE-2010-3067, Low)

* Missing initialization flaws could lead to information leaks.
(CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,
CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,
CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)

* Missing initialization flaw in KVM could allow a privileged host user
with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)

Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492

Thomas Pollet for reporting CVE-2010-3865
Dan Rosenberg for reporting
CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,
CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,
CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,
and CVE-2010-4158
Kosuke Tatsukawa for reporting CVE-2010-4263
Tavis
Ormandy for reporting CVE-2010-3080 and CVE-2010-3067
Kees Cook for
reporting CVE-2010-3861 and CVE-2010-4072
Nelson Elhage for reporting
CVE-2010-3880
Alan Cox for reporting CVE-2010-4242
Vegard Nossum for
reporting CVE-2010-4249
Vasiliy Kulikov for reporting CVE-2010-3876
and
Stephan Mueller of atsec information security for reporting CVE-2010-4525.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0007.html
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Technical_Notes/ape.html#RHSA-2011-0007

Risk factor : High

CVSS Score:
7.2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2492
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
42890
http://secunia.com/advisories/42890
46397
http://secunia.com/advisories/46397
MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
RHSA-2010:0723
http://www.redhat.com/support/errata/RHSA-2010-0723.html
RHSA-2011:0007
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff
http://support.avaya.com/css/P8/documents/100113326
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=611385
Common Vulnerability Exposure (CVE) ID: CVE-2010-3067
42778
http://secunia.com/advisories/42778
42801
http://secunia.com/advisories/42801
43291
http://secunia.com/advisories/43291
ADV-2011-0012
http://www.vupen.com/english/advisories/2011/0012
ADV-2011-0298
http://www.vupen.com/english/advisories/2011/0298
ADV-2011-0375
http://www.vupen.com/english/advisories/2011/0375
DSA-2126
http://www.debian.org/security/2010/dsa-2126
MDVSA-2010:257
http://www.mandriva.com/security/advisories?name=MDVSA-2010:257
MDVSA-2011:029
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
MDVSA-2011:051
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
RHSA-2010:0758
http://www.redhat.com/support/errata/RHSA-2010-0758.html
RHSA-2010:0779
http://www.redhat.com/support/errata/RHSA-2010-0779.html
RHSA-2010:0839
http://www.redhat.com/support/errata/RHSA-2010-0839.html
SUSE-SA:2010:060
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
SUSE-SA:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
SUSE-SA:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
SUSE-SA:2011:007
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
SUSE-SA:2011:008
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
USN-1000-1
http://www.ubuntu.com/usn/USN-1000-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc4-next-20100915.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=629441
kernel-doiosubmit-dos(61884)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61884
Common Vulnerability Exposure (CVE) ID: CVE-2010-3078
1024418
http://securitytracker.com/id?1024418
41284
http://secunia.com/advisories/41284
41512
http://secunia.com/advisories/41512
43022
http://www.securityfocus.com/bid/43022
ADV-2010-2430
http://www.vupen.com/english/advisories/2010/2430
SUSE-SA:2010:041
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html
SUSE-SA:2010:050
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html
SUSE-SA:2010:054
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html
[oss-security] 20100907 CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak
http://www.openwall.com/lists/oss-security/2010/09/07/1
[oss-security] 20100907 Re: CVE request: kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak
http://www.openwall.com/lists/oss-security/2010/09/07/12
[xfs-masters] 20100906 [PATCH] xfs: prevent reading uninitialized stack memory
http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=630804
Common Vulnerability Exposure (CVE) ID: CVE-2010-3080
43062
http://www.securityfocus.com/bid/43062
[oss-security] 20100908 CVE-2010-3080 kernel: /dev/sequencer open failure is not handled correctly
http://www.openwall.com/lists/oss-security/2010/09/08/7
http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27f7ad53829f79e799a253285318bff79ece15bd
https://bugzilla.redhat.com/show_bug.cgi?id=630551
Common Vulnerability Exposure (CVE) ID: CVE-2010-3298
41440
http://secunia.com/advisories/41440
42758
http://secunia.com/advisories/42758
43226
http://www.securityfocus.com/bid/43226
ADV-2011-0070
http://www.vupen.com/english/advisories/2011/0070
USN-1041-1
http://www.ubuntu.com/usn/USN-1041-1
[linux-kernel] 20100911 [PATCH] drivers/net/usb/hso.c: prevent reading uninitialized memory
http://lkml.org/lkml/2010/9/11/167
[oss-security] 20100914 CVE request: kernel: numerous infoleaks
http://www.openwall.com/lists/oss-security/2010/09/14/2
[oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks
http://www.openwall.com/lists/oss-security/2010/09/14/7
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=7011e660938fc44ed86319c18a5954e95a82ab3e
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5
https://bugzilla.redhat.com/show_bug.cgi?id=633140
Common Vulnerability Exposure (CVE) ID: CVE-2010-3477
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
Debian Security Information: DSA-2126 (Google Search)
http://www.securitytracker.com/id?1024603
Common Vulnerability Exposure (CVE) ID: CVE-2010-3861
42932
http://secunia.com/advisories/42932
44427
http://www.securityfocus.com/bid/44427
ADV-2011-0124
http://www.vupen.com/english/advisories/2011/0124
RHSA-2010:0958
http://www.redhat.com/support/errata/RHSA-2010-0958.html
SUSE-SA:2011:004
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
[oss-security] 20101025 CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL
http://openwall.com/lists/oss-security/2010/10/25/4
[oss-security] 20101026 Re: CVE request: kernel: heap contents leak from ETHTOOL_GRXCLSRLALL
http://openwall.com/lists/oss-security/2010/10/26/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae6df5f96a51818d6376da5307d773baeece4014
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36
https://bugzilla.redhat.com/show_bug.cgi?id=646725
Common Vulnerability Exposure (CVE) ID: CVE-2010-3865
42789
http://secunia.com/advisories/42789
44549
http://www.securityfocus.com/bid/44549
ADV-2011-0024
http://www.vupen.com/english/advisories/2011/0024
RHSA-2011:0004
http://www.redhat.com/support/errata/RHSA-2011-0004.html
SUSE-SA:2010:057
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html
[netdev] 20101028 Re: [Security] TIPC security issues
http://www.spinics.net/lists/netdev/msg145359.html
http://www.spinics.net/lists/netdev/msg145397.html
[oss-security] 20101029 CVE request: kernel: iovec overflow in rds_rdma_pages()
http://www.openwall.com/lists/oss-security/2010/10/29/1
[oss-security] 20101101 Re: CVE request: kernel: iovec overflow in rds_rdma_pages()
http://www.openwall.com/lists/oss-security/2010/11/01/1
kernel-rdsrdmapages-overflow(62881)
https://exchange.xforce.ibmcloud.com/vulnerabilities/62881
Common Vulnerability Exposure (CVE) ID: CVE-2010-3874
42745
http://secunia.com/advisories/42745
ADV-2010-3321
http://www.vupen.com/english/advisories/2010/3321
FEDORA-2010-18983
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
[netdev] 20101102 [SECURITY] CAN info leak/minor heap overflow
http://www.spinics.net/lists/netdev/msg145791.html
[netdev] 20101110 can-bcm: fix minor heap overflow
http://www.spinics.net/lists/netdev/msg146469.html
[oss-security] 20101103 CVE request: kernel: CAN information leak
http://openwall.com/lists/oss-security/2010/11/03/3
[oss-security] 20101104 Re: CVE request: kernel: CAN information leak
http://openwall.com/lists/oss-security/2010/11/04/4
[oss-security] 20101220 CVE request: kernel: CAN information leak, 2nd attempt
http://openwall.com/lists/oss-security/2010/12/20/2
[oss-security] 20101220 Re: CVE request: kernel: CAN information leak, 2nd attempt
http://openwall.com/lists/oss-security/2010/12/20/3
http://openwall.com/lists/oss-security/2010/12/20/4
http://openwall.com/lists/oss-security/2010/12/20/5
http://openwall.com/lists/oss-security/2010/12/21/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0597d1b99fcfc2c0eada09a698f85ed413d4ba84
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
https://bugzilla.redhat.com/show_bug.cgi?id=649695
Common Vulnerability Exposure (CVE) ID: CVE-2010-3876
42963
http://secunia.com/advisories/42963
44630
http://www.securityfocus.com/bid/44630
ADV-2011-0168
http://www.vupen.com/english/advisories/2011/0168
RHSA-2011:0162
http://www.redhat.com/support/errata/RHSA-2011-0162.html
[netdev] 20101031 [PATCH 2/3] net: packet: fix information leak to userland
http://marc.info/?l=linux-netdev&m=128854507220908&w=2
[oss-security] 20101102 CVE request: kernel stack infoleaks
http://openwall.com/lists/oss-security/2010/11/02/7
[oss-security] 20101102 Re: CVE request: kernel stack infoleaks
http://openwall.com/lists/oss-security/2010/11/02/10
http://openwall.com/lists/oss-security/2010/11/02/12
http://openwall.com/lists/oss-security/2010/11/02/9
[oss-security] 20101104 Re: CVE request: kernel stack infoleaks
http://openwall.com/lists/oss-security/2010/11/04/5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67286640f638f5ad41a946b9a3dc75327950248f
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2
https://bugzilla.redhat.com/show_bug.cgi?id=649715
Common Vulnerability Exposure (CVE) ID: CVE-2010-3880
42126
http://secunia.com/advisories/42126
44665
http://www.securityfocus.com/bid/44665
[netdev] 20101103 [PATCH 2/2] inet_diag: Make sure we actually run the same bytecode we audited.
http://www.spinics.net/lists/netdev/msg145899.html
[oss-security] 20101104 CVE request: kernel: logic error in INET_DIAG bytecode auditing
http://openwall.com/lists/oss-security/2010/11/04/9
[oss-security] 20101105 Re: CVE request: kernel: logic error in INET_DIAG bytecode auditing
http://openwall.com/lists/oss-security/2010/11/05/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=22e76c849d505d87c5ecf3d3e6742a65f0ff4860
https://bugzilla.redhat.com/show_bug.cgi?id=651264
Common Vulnerability Exposure (CVE) ID: CVE-2010-4072
BugTraq ID: 45054
http://www.securityfocus.com/bid/45054
http://lkml.org/lkml/2010/10/6/454
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/25/3
http://www.redhat.com/support/errata/RHSA-2011-0017.html
http://secunia.com/advisories/42884
http://secunia.com/advisories/43161
SuSE Security Announcement: SUSE-SA:2010:060 (Google Search)
SuSE Security Announcement: SUSE-SA:2011:001 (Google Search)
SuSE Security Announcement: SUSE-SA:2011:004 (Google Search)
SuSE Security Announcement: SUSE-SA:2011:007 (Google Search)
SuSE Security Announcement: SUSE-SA:2011:008 (Google Search)
http://www.ubuntu.com/usn/USN-1057-1
http://www.vupen.com/english/advisories/2011/0280
Common Vulnerability Exposure (CVE) ID: CVE-2010-4073
BugTraq ID: 45073
http://www.securityfocus.com/bid/45073
http://lkml.org/lkml/2010/10/6/492
http://securityreason.com/securityalert/8366
Common Vulnerability Exposure (CVE) ID: CVE-2010-4074
BugTraq ID: 45074
http://www.securityfocus.com/bid/45074
http://lkml.org/lkml/2010/9/15/392
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/06/6
Common Vulnerability Exposure (CVE) ID: CVE-2010-4075
BugTraq ID: 43806
http://www.securityfocus.com/bid/43806
http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03388.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-4077
BugTraq ID: 45059
http://www.securityfocus.com/bid/45059
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d281da7ff6f70efca0553c288bb883e8605b3862
http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html
http://securityreason.com/securityalert/8129
Common Vulnerability Exposure (CVE) ID: CVE-2010-4079
BugTraq ID: 45062
http://www.securityfocus.com/bid/45062
http://lkml.org/lkml/2010/9/15/393
Common Vulnerability Exposure (CVE) ID: CVE-2010-4080
BugTraq ID: 45058
http://www.securityfocus.com/bid/45058
BugTraq ID: 45063
http://www.securityfocus.com/bid/45063
http://lkml.org/lkml/2010/9/25/41
SuSE Security Announcement: SUSE-SA:2011:002 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2010-4081
Common Vulnerability Exposure (CVE) ID: CVE-2010-4082
BugTraq ID: 43817
http://www.securityfocus.com/bid/43817
http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03392.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-4083
BugTraq ID: 43809
http://www.securityfocus.com/bid/43809
http://www.spinics.net/lists/mm-commits/msg80234.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-4158
20101109 Kernel 0-day
http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html
http://www.securityfocus.com/archive/1/514705
20101118 Re: Kernel 0-day
http://www.securityfocus.com/archive/1/514845
42884
44758
http://www.securityfocus.com/bid/44758
RHSA-2011:0017
[netdev] 20101109 [PATCH] Prevent reading uninitialized memory with socket filters
http://www.spinics.net/lists/netdev/msg146361.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=57fe93b374a6b8711995c2d466c502af9f3a08bb
https://bugzilla.redhat.com/show_bug.cgi?id=651698
Common Vulnerability Exposure (CVE) ID: CVE-2010-4160
43056
http://secunia.com/advisories/43056
44762
http://www.securityfocus.com/bid/44762
ADV-2011-0213
http://www.vupen.com/english/advisories/2011/0213
SUSE-SA:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
[netdev] 20101027 Re: [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()
http://www.spinics.net/lists/netdev/msg145248.html
[netdev] 20101031 [SECURITY] L2TP send buffer allocation size overflows
http://www.spinics.net/lists/netdev/msg145673.html
[oss-security] 20101110 CVE request: kernel: L2TP send buffer allocation size overflows
http://openwall.com/lists/oss-security/2010/11/10/5
[oss-security] 20101110 Re: CVE request: kernel: L2TP send buffer allocation size overflows
http://openwall.com/lists/oss-security/2010/11/10/16
[oss-security] 20101124 Re: CVE request: kernel: L2TP send buffer allocation size overflows
http://openwall.com/lists/oss-security/2010/11/24/12
http://openwall.com/lists/oss-security/2010/11/24/4
http://openwall.com/lists/oss-security/2010/11/24/5
http://openwall.com/lists/oss-security/2010/11/24/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a
http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/
https://bugzilla.redhat.com/show_bug.cgi?id=651892
Common Vulnerability Exposure (CVE) ID: CVE-2010-4162
44793
http://www.securityfocus.com/bid/44793
[oss-security] 20101110 CVE request: kernel: Multiple DoS issues in block layer
http://openwall.com/lists/oss-security/2010/11/10/18
[oss-security] 20101112 Re: CVE request: kernel: Multiple DoS issues in block layer
http://openwall.com/lists/oss-security/2010/11/12/2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb4644cac4a2797afc847e6c92736664d4b0ea34
https://bugzilla.redhat.com/show_bug.cgi?id=652529
Common Vulnerability Exposure (CVE) ID: CVE-2010-4163
[oss-security] 20101129 Re: CVE request: kernel: Multiple DoS issues in block layer
http://openwall.com/lists/oss-security/2010/11/29/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689
https://bugzilla.redhat.com/show_bug.cgi?id=652957
Common Vulnerability Exposure (CVE) ID: CVE-2010-4242
45014
http://www.securityfocus.com/bid/45014
[linux-kernel] 20101007 Peculiar stuff in hci_ath3k/badness in hci_uart
https://lkml.org/lkml/2010/10/7/255
http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773
http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/
https://bugzilla.redhat.com/show_bug.cgi?id=641410
kernel-hciuartttyopen-dos(64617)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64617
Common Vulnerability Exposure (CVE) ID: CVE-2010-4248
45028
http://www.securityfocus.com/bid/45028
[oss-security] 20101123 CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
http://www.openwall.com/lists/oss-security/2010/11/23/2
[oss-security] 20101124 Re: CVE request: kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
http://www.openwall.com/lists/oss-security/2010/11/24/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0a70217107e6f9844628120412cb27bb4cea194
https://bugzilla.redhat.com/show_bug.cgi?id=656264
Common Vulnerability Exposure (CVE) ID: CVE-2010-4249
15622
http://www.exploit-db.com/exploits/15622/
42354
http://secunia.com/advisories/42354
45037
http://www.securityfocus.com/bid/45037
[linux-kernel] 20101123 Unix socket local DOS (OOM)
http://lkml.org/lkml/2010/11/23/395
[linux-kernel] 20101124 [PATCH net-next-2.6] scm: lower SCM_MAX_FD
http://lkml.org/lkml/2010/11/23/450
[linux-kernel] 20101125 Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect :(
http://lkml.org/lkml/2010/11/25/8
[netdev] 20101124 [PATCH] af_unix: limit unix_tot_inflight
http://marc.info/?l=linux-netdev&m=129059035929046&w=2
[oss-security] 20101124 CVE request: kernel: unix socket local dos
http://www.openwall.com/lists/oss-security/2010/11/24/2
[oss-security] 20101124 Re: CVE request: kernel: unix socket local dos
http://www.openwall.com/lists/oss-security/2010/11/24/10
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9915672d41273f5b77f1b3c29b391ffb7732b84b
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=656756
Common Vulnerability Exposure (CVE) ID: CVE-2010-4263
45208
http://www.securityfocus.com/bid/45208
[oss-security] 20101206 CVE request: kernel: igb panics when receiving tag vlan packet
http://openwall.com/lists/oss-security/2010/12/06/3
[oss-security] 20101206 Re: CVE request: kernel: igb panics when receiving tag vlan packet
http://openwall.com/lists/oss-security/2010/12/06/9
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=31b24b955c3ebbb6f3008a6374e61cf7c05a193c
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
https://bugzilla.kernel.org/show_bug.cgi?id=15582
https://bugzilla.redhat.com/show_bug.cgi?id=660188
Common Vulnerability Exposure (CVE) ID: CVE-2010-4525
45676
http://www.securityfocus.com/bid/45676
70377
http://osvdb.org/70377
ADV-2011-0123
http://www.vupen.com/english/advisories/2011/0123
RHSA-2011:0028
http://www.redhat.com/support/errata/RHSA-2011-0028.html
[oss-security] 20110105 CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak
http://www.openwall.com/lists/oss-security/2011/01/05/1
[oss-security] 20110105 Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak
http://www.openwall.com/lists/oss-security/2011/01/05/9
[oss-security] 20110106 Re: CVE-2010-4525 kvm: x86: zero kvm_vcpu_events->interrupt.pad infoleak
http://www.openwall.com/lists/oss-security/2011/01/06/3
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4525
kernel-kvmvcpueventsinterrupt-info-disc(64519)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64519
Common Vulnerability Exposure (CVE) ID: CVE-2010-4668
BugTraq ID: 45660
http://www.securityfocus.com/bid/45660
http://lkml.org/lkml/2010/11/29/70
http://lkml.org/lkml/2010/11/29/68
http://openwall.com/lists/oss-security/2010/11/30/4
http://openwall.com/lists/oss-security/2010/11/30/7
XForce ISS Database: linux-blkrqmapuseriov-dos(64496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64496
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.