Test ID:	1.3.6.1.4.1.25623.1.0.120419
Category:	Amazon Linux Local Security Checks
Title:	Amazon Linux: Security Advisory (ALAS-2012-58)
Summary:	The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2012-58 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ALAS-2012-58 advisory. Vulnerability Insight: The ExecShield feature does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries. Affected Software/OS: 'kernel' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1568 [oss-security] 20120320 Re: CVE request -- kernel: execshield: predictable ascii armour base address http://www.openwall.com/lists/oss-security/2012/03/20/4 [oss-security] 20120321 Re: CVE request -- kernel: execshield: predictable ascii armour base address http://openwall.com/lists/oss-security/2012/03/21/3 http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html https://bugzilla.redhat.com/show_bug.cgi?id=804947 https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=302a4fc15aebf202b6dffd6c804377c6058ee6e4
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.