Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54310
Category:Trustix Local Security Checks
Title:Trustix Security Advisory TSLSA-2005-0011 (kernel)
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory TSLSA-2005-0011.

Mathieu Lafon didcovered an information leak in the ext2 mkdir() function
where random kernel memory is written to disk.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-0400 to this issue.


Herbert Xu discovered a potential DOS in load_elf_library.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-0749 to this issue.


Ilja van Sprundel discovered an exploitable integer overflow in
af_bluetooth which could lead to priviliege escalation.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-0750 to this issue.


Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0011

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0400
BugTraq ID: 12932
http://www.securityfocus.com/bid/12932
Bugtraq: 20050401 Information leak in the Linux kernel ext2 implementation (Google Search)
http://marc.info/?l=bugtraq&m=111238764720696&w=2
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
http://arkoon.net/advisories/ext2-make-empty-leak.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10336
http://www.redhat.com/support/errata/RHSA-2005-366.html
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://www.redhat.com/support/errata/RHSA-2006-0190.html
http://www.redhat.com/support/errata/RHSA-2006-0191.html
http://secunia.com/advisories/14713/
http://secunia.com/advisories/17002
http://secunia.com/advisories/18684
https://usn.ubuntu.com/103-1/
http://www.vupen.com/english/advisories/2005/1878
XForce ISS Database: kernel-ext2-information-disclosure(19866)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19866
Common Vulnerability Exposure (CVE) ID: CVE-2005-0749
BugTraq ID: 12935
http://www.securityfocus.com/bid/12935
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10640
http://www.redhat.com/support/errata/RHSA-2005-293.html
http://www.redhat.com/support/errata/RHSA-2005-529.html
http://www.redhat.com/support/errata/RHSA-2005-551.html
http://secunia.com/advisories/19607
SGI Security Advisory: 20060402-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U
XForce ISS Database: kernel-loadelflibrary-dos(19867)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19867
Common Vulnerability Exposure (CVE) ID: CVE-2005-0750
BugTraq ID: 12911
http://www.securityfocus.com/bid/12911
Bugtraq: 20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 (Google Search)
http://marc.info/?l=bugtraq&m=111204562102633&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719
http://www.redhat.com/support/errata/RHSA-2005-283.html
http://www.redhat.com/support/errata/RHSA-2005-284.html
XForce ISS Database: kernel-bluezsockcreate-integer-underflow(19844)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19844
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.