Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57092
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2006:0579
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0579.

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below:

* a flaw in the USB devio handling of device removal that allowed a local
user to cause a denial of service (crash) (CVE-2005-3055, moderate)

* a flaw in ROSE due to missing verification of the ndigis argument of new
routes (CVE-2005-3273, moderate)

* an info leak on AMD-based x86 systems that allowed a local user to
retrieve the floating point exception state of a process run by a different
user (CVE-2006-1056, important)

* a minor info leak in socket name handling in the network code
(CVE-2006-1342, low)

* a minor info leak in socket option handling in the network code
(CVE-2006-1343, low)

* a directory traversal vulnerability in smbfs that allowed a local user to
escape chroot restrictions for an SMB-mounted filesystem via ..\\
sequences (CVE-2006-1864, moderate)

* a flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071, moderate)

A performance bug in the NFS implementation that caused clients to
frequently pause when sending TCP segments during heavy write loads was
also addressed.

All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels
to these updated packages, which contain backported fixes to correct these
issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0579.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-3055
BugTraq ID: 14955
http://www.securityfocus.com/bid/14955
Debian Security Information: DSA-1017 (Google Search)
http://www.debian.org/security/2006/dsa-1017
http://www.mandriva.com/security/advisories?name=MDKSA-2005:218
http://www.mandriva.com/security/advisories?name=MDKSA-2005:219
http://www.mandriva.com/security/advisories?name=MDKSA-2005:220
http://www.mandriva.com/security/advisories?name=MDKSA-2005:235
http://marc.info/?l=linux-kernel&m=112766129313883
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9472
http://www.redhat.com/support/errata/RHSA-2006-0437.html
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://www.redhat.com/support/errata/RHSA-2006-0579.html
http://www.redhat.com/support/errata/RHSA-2006-0580.html
http://secunia.com/advisories/17826
http://secunia.com/advisories/17917
http://secunia.com/advisories/17918
http://secunia.com/advisories/19374
http://secunia.com/advisories/21035
http://secunia.com/advisories/21136
http://secunia.com/advisories/21465
http://secunia.com/advisories/21983
http://secunia.com/advisories/22417
SuSE Security Announcement: SUSE-SA:2005:067 (Google Search)
http://www.securityfocus.com/advisories/9806
SuSE Security Announcement: SUSE-SA:2005:068 (Google Search)
http://www.securityfocus.com/archive/1/419522/100/0/threaded
https://usn.ubuntu.com/219-1/
http://www.vupen.com/english/advisories/2005/1863
Common Vulnerability Exposure (CVE) ID: CVE-2005-3273
BugTraq ID: 13886
http://www.securityfocus.com/bid/13886
Debian Security Information: DSA-922 (Google Search)
http://www.debian.org/security/2005/dsa-922
http://www.securityfocus.com/archive/1/428028/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9552
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://securitytracker.com/id?1014115
http://secunia.com/advisories/18056
Common Vulnerability Exposure (CVE) ID: CVE-2006-1056
BugTraq ID: 17600
http://www.securityfocus.com/bid/17600
Bugtraq: 20060419 FreeBSD Security Advisory FreeBSD-SA-06:14.fpu (Google Search)
http://www.securityfocus.com/archive/1/431341
Bugtraq: 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (Google Search)
http://www.securityfocus.com/archive/1/451419/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search)
http://www.securityfocus.com/archive/1/451404/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451417/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue (Google Search)
http://www.securityfocus.com/archive/1/451421/100/0/threaded
Debian Security Information: DSA-1097 (Google Search)
http://www.debian.org/security/2006/dsa-1097
Debian Security Information: DSA-1103 (Google Search)
http://www.debian.org/security/2006/dsa-1103
http://lwn.net/Alerts/180820/
FreeBSD Security Advisory: FreeBSD-SA-06:14
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc
http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt
http://marc.info/?l=linux-kernel&m=114548768214478&w=2
http://www.osvdb.org/24746
http://www.osvdb.org/24807
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995
http://securitytracker.com/id?1015966
http://secunia.com/advisories/19715
http://secunia.com/advisories/19724
http://secunia.com/advisories/19735
http://secunia.com/advisories/20398
http://secunia.com/advisories/20671
http://secunia.com/advisories/20716
http://secunia.com/advisories/20914
http://secunia.com/advisories/22875
http://secunia.com/advisories/22876
SuSE Security Announcement: SUSE-SA:2006:028 (Google Search)
http://www.novell.com/linux/security/advisories/2006-05-31.html
SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
http://www.ubuntu.com/usn/usn-302-1
http://www.vupen.com/english/advisories/2006/1426
http://www.vupen.com/english/advisories/2006/1475
http://www.vupen.com/english/advisories/2006/2554
http://www.vupen.com/english/advisories/2006/4353
http://www.vupen.com/english/advisories/2006/4502
XForce ISS Database: amd-fpu-information-disclosure(25871)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25871
Common Vulnerability Exposure (CVE) ID: CVE-2006-1342
BugTraq ID: 17203
http://www.securityfocus.com/bid/17203
Bugtraq: 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451426/100/200/threaded
http://marc.info/?l=linux-netdev&m=114148078223594&w=2
http://secunia.com/advisories/19357
Common Vulnerability Exposure (CVE) ID: CVE-2006-1343
Bugtraq: 20060531 rPSA-2006-0087-1 kernel (Google Search)
http://www.securityfocus.com/archive/1/435490/100/0/threaded
Debian Security Information: DSA-1184 (Google Search)
http://www.debian.org/security/2006/dsa-1184
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://www.osvdb.org/29841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10875
http://secunia.com/advisories/19955
http://secunia.com/advisories/21045
http://secunia.com/advisories/22093
http://www.trustix.org/errata/2006/0032/
https://usn.ubuntu.com/281-1/
http://www.vupen.com/english/advisories/2006/2071
XForce ISS Database: linux-sockaddr-memory-leak(25425)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25425
Common Vulnerability Exposure (CVE) ID: CVE-2006-1864
BugTraq ID: 17735
http://www.securityfocus.com/bid/17735
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
http://www.osvdb.org/25067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11327
http://www.redhat.com/support/errata/RHSA-2006-0493.html
http://www.redhat.com/support/errata/RHSA-2006-0710.html
http://secunia.com/advisories/19869
http://secunia.com/advisories/20237
http://secunia.com/advisories/21476
http://secunia.com/advisories/21614
http://secunia.com/advisories/21745
http://secunia.com/advisories/22497
http://secunia.com/advisories/23064
http://www.trustix.org/errata/2006/0026
XForce ISS Database: kernel-smbfs-directory-traversal(26137)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26137
Common Vulnerability Exposure (CVE) ID: CVE-2006-2071
http://www.mandriva.com/security/advisories?name=MDKSA-2006:086
http://www.osvdb.org/25139
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9978
http://www.redhat.com/support/errata/RHSA-2006-0689.html
http://secunia.com/advisories/20157
http://secunia.com/advisories/22292
http://secunia.com/advisories/22945
http://www.vupen.com/english/advisories/2006/1391
XForce ISS Database: linux-mprotect-security-bypass(26169)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26169
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.