English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72022 CVE descriptions
and 38680 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51991
Category:Ubuntu Local Security Checks
Title:Ubuntu 4.10 USN-103-1 (linux-source-2.6.8.1)
Summary:Ubuntu 4.10 USN-103-1 (linux-source-2.6.8.1)
Description:
The remote host is missing an update to linux-source-2.6.8.1
announced via advisory USN-103-1.

Mathieu Lafon discovered an information leak in the ext2 file system
driver. When a new directory was created, the ext2 block written to
disk was not initialized, so that previous memory contents (which
could contain sensitive data like passwords) became visible on the raw
device. This is particularly important if the target device is
removable and thus can be read by users other than root.
(CVE-2005-0400)

Yichen Xie discovered a Denial of Service vulnerability in the ELF
loader. A specially crafted ELF library or executable could cause an
attempt to free an invalid pointer, which lead to a kernel crash.
(CVE-2005-0749)

Ilja van Sprundel discovered that the bluez_sock_create() function did
not check its protocol argument for negative values. A local
attacker could exploit this to execute arbitrary code with root
privileges by creating a Bluetooth socket with a specially crafted
protocol number. (CVE-2005-0750)

Michal Zalewski discovered that the iso9660 file system driver fails
to check ranges properly in several cases. Mounting a specially
crafted CD-ROM may have caused a buffer overflow leading to a kernel
crash or even arbitrary code execution. (CVE-2005-0815)

Previous kernels did not restrict the use of the N_MOUSE line
discipline in the serial driver. This allowed an unprivileged user to
inject mouse movement and/or keystrokes (using the sunkbd driver) into
the input subsystem, taking over the console or an X session, where
another user is logged in. (CVE-2005-0839)

A Denial of Service vulnerability was found in the tmpfs driver, which
is commonly used to mount RAM disks below /dev/shm and /tmp. The
shm_nopage() did not properly verify its address argument, which could
be exploited by a local user to cause a kernel crash with invalid
addresses.
(http://linux.bkbits.net:8080/linux-2.6/cset@420551fbRlv9-QG6Gw9Lw_bKVfPSsg)

The following packages are affected:

linux-image-2.6.8.1-5-386
linux-image-2.6.8.1-5-686
linux-image-2.6.8.1-5-686-smp
linux-image-2.6.8.1-5-amd64-generic
linux-image-2.6.8.1-5-amd64-k8
linux-image-2.6.8.1-5-amd64-k8-smp
linux-image-2.6.8.1-5-amd64-xeon
linux-image-2.6.8.1-5-k7
linux-image-2.6.8.1-5-k7-smp
linux-image-2.6.8.1-5-power3
linux-image-2.6.8.1-5-power3-smp
linux-image-2.6.8.1-5-power4
linux-image-2.6.8.1-5-power4-smp
linux-image-2.6.8.1-5-powerpc
linux-image-2.6.8.1-5-powerpc-smp
linux-patch-debian-2.6.8.1

Solution:
The problem can be corrected by upgrading the affected package to
version 2.6.8.1-16.13. You need to reboot the computer after doing a
standard system upgrade to effect the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-103-1

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0400
Bugtraq: 20050401 Information leak in the Linux kernel ext2 implementation (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=111238764720696&w=2
http://arkoon.net/advisories/ext2-make-empty-leak.txt
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
http://www.redhat.com/support/errata/RHSA-2006-0190.html
http://www.redhat.com/support/errata/RHSA-2006-0191.html
http://www.redhat.com/support/errata/RHSA-2005-366.html
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://www.ubuntulinux.org/support/documentation/usn/usn-103-1
BugTraq ID: 12932
http://www.securityfocus.com/bid/12932
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10336
http://www.vupen.com/english/advisories/2005/1878
http://secunia.com/advisories/18684
http://secunia.com/advisories/17002
XForce ISS Database: kernel-ext2-information-disclosure(19866)
http://xforce.iss.net/xforce/xfdb/19866
http://secunia.com/advisories/14713/
Common Vulnerability Exposure (CVE) ID: CVE-2005-0749
http://www.redhat.com/support/errata/RHSA-2005-293.html
http://www.redhat.com/support/errata/RHSA-2005-529.html
http://www.redhat.com/support/errata/RHSA-2005-551.html
SGI Security Advisory: 20060402-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
BugTraq ID: 12935
http://www.securityfocus.com/bid/12935
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10640
http://secunia.com/advisories/19607
XForce ISS Database: kernel-loadelflibrary-dos(19867)
http://xforce.iss.net/xforce/xfdb/19867
Common Vulnerability Exposure (CVE) ID: CVE-2005-0750
Bugtraq: 20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=111204562102633&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html
http://www.redhat.com/support/errata/RHSA-2005-283.html
http://www.redhat.com/support/errata/RHSA-2005-284.html
BugTraq ID: 12911
http://www.securityfocus.com/bid/12911
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11719
XForce ISS Database: kernel-bluezsockcreate-integer-underflow(19844)
http://xforce.iss.net/xforce/xfdb/19844
Common Vulnerability Exposure (CVE) ID: CVE-2005-0815
Bugtraq: 20050317 Linux ISO9660 handling flaws (Google Search)
http://www.securityfocus.com/archive/1/393590
http://www.mandriva.com/security/advisories?name=MDKSA-2006:072
BugTraq ID: 12837
http://www.securityfocus.com/bid/12837
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9307
XForce ISS Database: kernel-iso9660-filesystem(19741)
http://xforce.iss.net/xforce/xfdb/19741
Common Vulnerability Exposure (CVE) ID: CVE-2005-0839
http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg64704.html
http://linux.bkbits.net:8080/linux-2.6/cset@41fa6464E1UuGu6zmketEYxm73KSyQ
http://www.securityfocus.com/archive/1/archive/1/427980/100/0/threaded
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9460
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 38680 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.