English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54310
Category:Trustix Local Security Checks
Title:Trustix Security Advisory TSLSA-2005-0011 (kernel)
Summary:Trustix Security Advisory TSLSA-2005-0011 (kernel)
Description:
The remote host is missing updates announced in
advisory TSLSA-2005-0011.

Mathieu Lafon didcovered an information leak in the ext2 mkdir() function
where random kernel memory is written to disk.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-0400 to this issue.


Herbert Xu discovered a potential DOS in load_elf_library.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-0749 to this issue.


Ilja van Sprundel discovered an exploitable integer overflow in
af_bluetooth which could lead to priviliege escalation.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-0750 to this issue.


Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0011

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0400
Bugtraq: 20050401 Information leak in the Linux kernel ext2 implementation (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=111238764720696&w=2
http://arkoon.net/advisories/ext2-make-empty-leak.txt
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
http://www.redhat.com/support/errata/RHSA-2006-0190.html
http://www.redhat.com/support/errata/RHSA-2006-0191.html
http://www.redhat.com/support/errata/RHSA-2005-366.html
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://www.ubuntulinux.org/support/documentation/usn/usn-103-1
BugTraq ID: 12932
http://www.securityfocus.com/bid/12932
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10336
http://www.vupen.com/english/advisories/2005/1878
http://secunia.com/advisories/18684
http://secunia.com/advisories/17002
XForce ISS Database: kernel-ext2-information-disclosure(19866)
http://xforce.iss.net/xforce/xfdb/19866
http://secunia.com/advisories/14713/
Common Vulnerability Exposure (CVE) ID: CVE-2005-0749
http://www.redhat.com/support/errata/RHSA-2005-293.html
http://www.redhat.com/support/errata/RHSA-2005-529.html
http://www.redhat.com/support/errata/RHSA-2005-551.html
SGI Security Advisory: 20060402-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
BugTraq ID: 12935
http://www.securityfocus.com/bid/12935
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10640
http://secunia.com/advisories/19607
XForce ISS Database: kernel-loadelflibrary-dos(19867)
http://xforce.iss.net/xforce/xfdb/19867
Common Vulnerability Exposure (CVE) ID: CVE-2005-0750
Bugtraq: 20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=111204562102633&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html
http://www.redhat.com/support/errata/RHSA-2005-283.html
http://www.redhat.com/support/errata/RHSA-2005-284.html
BugTraq ID: 12911
http://www.securityfocus.com/bid/12911
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11719
XForce ISS Database: kernel-bluezsockcreate-integer-underflow(19844)
http://xforce.iss.net/xforce/xfdb/19844
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.