ID de Prueba:	1.3.6.1.4.1.25623.1.0.871654
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for kernel RHSA-2016:1633-01
Resumen:	The remote host is missing an update for the 'kernel'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate TCP connection and/or inject payload into non-secured TCP connection between two endpoints on the network. (CVE-2016-5696, Important) Red Hat would like to thank Yue Cao from Cyber Security Group in the CS department of University of California, Riverside, for reporting this issue. Affected Software/OS: kernel on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5696 BugTraq ID: 91704 http://www.securityfocus.com/bid/91704 http://www.prnewswire.com/news-releases/mitnick-attack-reappears-at-geekpwn-macau-contest-300270779.html https://github.com/Gnoxter/mountain_goat https://www.arista.com/en/support/advisories-notices/security-advisories/1461-security-advisory-23 https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_cao.pdf http://www.openwall.com/lists/oss-security/2016/07/12/2 RedHat Security Advisories: RHSA-2016:1631 http://rhn.redhat.com/errata/RHSA-2016-1631.html RedHat Security Advisories: RHSA-2016:1632 http://rhn.redhat.com/errata/RHSA-2016-1632.html RedHat Security Advisories: RHSA-2016:1633 http://rhn.redhat.com/errata/RHSA-2016-1633.html RedHat Security Advisories: RHSA-2016:1657 http://rhn.redhat.com/errata/RHSA-2016-1657.html RedHat Security Advisories: RHSA-2016:1664 http://rhn.redhat.com/errata/RHSA-2016-1664.html RedHat Security Advisories: RHSA-2016:1814 http://rhn.redhat.com/errata/RHSA-2016-1814.html RedHat Security Advisories: RHSA-2016:1815 http://rhn.redhat.com/errata/RHSA-2016-1815.html RedHat Security Advisories: RHSA-2016:1939 http://rhn.redhat.com/errata/RHSA-2016-1939.html http://www.securitytracker.com/id/1036625 http://www.ubuntu.com/usn/USN-3070-1 http://www.ubuntu.com/usn/USN-3070-2 http://www.ubuntu.com/usn/USN-3070-3 http://www.ubuntu.com/usn/USN-3070-4 http://www.ubuntu.com/usn/USN-3071-1 http://www.ubuntu.com/usn/USN-3071-2 http://www.ubuntu.com/usn/USN-3072-1 http://www.ubuntu.com/usn/USN-3072-2
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.