Test ID:	1.3.6.1.4.1.25623.1.0.54310
Category:	Trustix Local Security Checks
Title:	Trustix Security Advisory TSLSA-2005-0011 (kernel)
Summary:	Trustix Security Advisory TSLSA-2005-0011 (kernel)
Description:	The remote host is missing updates announced in advisory TSLSA-2005-0011. Mathieu Lafon didcovered an information leak in the ext2 mkdir() function where random kernel memory is written to disk. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0400 to this issue. Herbert Xu discovered a potential DOS in load_elf_library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0749 to this issue. Ilja van Sprundel discovered an exploitable integer overflow in af_bluetooth which could lead to priviliege escalation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0750 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0011 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0400 Bugtraq: 20050401 Information leak in the Linux kernel ext2 implementation (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=111238764720696&w=2 http://arkoon.net/advisories/ext2-make-empty-leak.txt https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 http://www.redhat.com/support/errata/RHSA-2006-0190.html http://www.redhat.com/support/errata/RHSA-2006-0191.html http://www.redhat.com/support/errata/RHSA-2005-366.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.ubuntulinux.org/support/documentation/usn/usn-103-1 BugTraq ID: 12932 http://www.securityfocus.com/bid/12932 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10336 http://www.vupen.com/english/advisories/2005/1878 http://secunia.com/advisories/18684 http://secunia.com/advisories/17002 XForce ISS Database: kernel-ext2-information-disclosure(19866) http://xforce.iss.net/xforce/xfdb/19866 http://secunia.com/advisories/14713/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0749 http://www.redhat.com/support/errata/RHSA-2005-293.html http://www.redhat.com/support/errata/RHSA-2005-529.html http://www.redhat.com/support/errata/RHSA-2005-551.html SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U BugTraq ID: 12935 http://www.securityfocus.com/bid/12935 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10640 http://secunia.com/advisories/19607 XForce ISS Database: kernel-loadelflibrary-dos(19867) http://xforce.iss.net/xforce/xfdb/19867 Common Vulnerability Exposure (CVE) ID: CVE-2005-0750 Bugtraq: 20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=111204562102633&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html http://www.redhat.com/support/errata/RHSA-2005-283.html http://www.redhat.com/support/errata/RHSA-2005-284.html BugTraq ID: 12911 http://www.securityfocus.com/bid/12911 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11719 XForce ISS Database: kernel-bluezsockcreate-integer-underflow(19844) http://xforce.iss.net/xforce/xfdb/19844
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: