Test ID:	1.3.6.1.4.1.25623.1.0.51077
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2004:044
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2004:044. The Linux kernel handles the basic functions of the operating system. Alan Cox found issues in the R128 Direct Render Infrastructure that could allow local privilege escalation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0003 to this issue. The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0700 to this issue. An overflow was found in the ixj telephony card driver in Linux kernels prior to 2.4.20. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-1574 to this issue. All users are advised to upgrade to these errata packages, which contain backported security patches that corrects these issues. These packages also contain a fix to enhance NFS performance, which was degraded in the last kernel update as part of Update 3. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-044.html Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1574 BugTraq ID: 5985 http://www.securityfocus.com/bid/5985 Computer Incident Advisory Center Bulletin: N-096 http://www.ciac.org/ciac/bulletins/n-096.shtml http://www.redhat.com/support/errata/RHSA-2002-205.html http://www.redhat.com/support/errata/RHSA-2002-206.html http://www.redhat.com/support/errata/RHSA-2004-044.html http://www.redhat.com/support/errata/RHSA-2004-106.html XForce ISS Database: linux-ixj-root-privileges(10417) https://exchange.xforce.ibmcloud.com/vulnerabilities/10417 Common Vulnerability Exposure (CVE) ID: CVE-2003-0700 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A401 http://www.redhat.com/support/errata/RHSA-2003-238.html Common Vulnerability Exposure (CVE) ID: CVE-2004-0003 BugTraq ID: 9570 http://www.securityfocus.com/bid/9570 Computer Incident Advisory Center Bulletin: O-082 http://www.ciac.org/ciac/bulletins/o-082.shtml Computer Incident Advisory Center Bulletin: O-121 http://www.ciac.org/ciac/bulletins/o-121.shtml Computer Incident Advisory Center Bulletin: O-126 http://www.ciac.org/ciac/bulletins/o-126.shtml Computer Incident Advisory Center Bulletin: O-127 http://www.ciac.org/ciac/bulletins/o-127.shtml Computer Incident Advisory Center Bulletin: O-145 http://www.ciac.org/ciac/bulletins/o-145.shtml Debian Security Information: DSA-479 (Google Search) http://www.debian.org/security/2004/dsa-479 Debian Security Information: DSA-480 (Google Search) http://www.debian.org/security/2004/dsa-480 Debian Security Information: DSA-481 (Google Search) http://www.debian.org/security/2004/dsa-481 Debian Security Information: DSA-482 (Google Search) http://www.debian.org/security/2004/dsa-482 Debian Security Information: DSA-489 (Google Search) http://www.debian.org/security/2004/dsa-489 Debian Security Information: DSA-491 (Google Search) http://www.debian.org/security/2004/dsa-491 Debian Security Information: DSA-495 (Google Search) http://www.debian.org/security/2004/dsa-495 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:029 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A834 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9204 http://www.redhat.com/support/errata/RHSA-2004-065.html http://www.redhat.com/support/errata/RHSA-2004-166.html http://secunia.com/advisories/10782 http://secunia.com/advisories/10911 http://secunia.com/advisories/10912 http://secunia.com/advisories/11202 http://secunia.com/advisories/11361 http://secunia.com/advisories/11362 http://secunia.com/advisories/11369 http://secunia.com/advisories/11370 http://secunia.com/advisories/11376 http://secunia.com/advisories/11464 http://secunia.com/advisories/11891 http://secunia.com/advisories/12075 SuSE Security Announcement: SuSE-SA:2004:005 (Google Search) http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html TurboLinux Advisory: TLSA-2004-14 http://www.turbolinux.com/security/2004/TLSA-2004-14.txt XForce ISS Database: linux-r128-gain-priviliges(15029) https://exchange.xforce.ibmcloud.com/vulnerabilities/15029
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.