
Test ID: 1.3.6.1.4.1.25623.1.0.57407
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 1183-1 (kernel-source-2.4.27)
Summary: NOSUMMARY
Description:
The remote host is missing an update to kernel-source-2.4.27
announced via advisory DSA 1183-1.

Several security related problems have been discovered in the Linux
kernel which may lead to a denial of service or even the execution of
arbitrary code. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2005-4798

A buffer overflow in NFS readlink handling allows a malicious
remote server to cause a denial of service.

CVE-2006-2935

Diego Calleja Garcia discovered a buffer overflow in the DVD
handling code that could be exploited by a specially crafted DVD
or USB storage device to execute arbitrary code.

CVE-2006-1528

A bug in the SCSI driver allows a local user to cause a denial of
service.

CVE-2006-2444

Patrick McHardy discovered a bug in the SNMP NAT helper that
allows remote attackers to cause a denial of service.

CVE-2006-2446

A race condition in the socket buffer handling allows remote
attackers to cause a denial of service.

CVE-2006-3745

Wei Wang discovered a bug in the SCTP implementation that allows
local users to cause a denial of service and possibly gain root
privileges.

CVE-2006-4535

David Miller reported a problem with the fix for CVE-2006-3745
that allows local users to crash the system via an SCTP
socket with a certain SO_LINGER value.


The following matrix explains which kernel version for which
architecture fixes the problem mentioned above:

                              stable (sarge)
Source                        2.4.27-10sarge4
Alpha architecture            2.4.27-10sarge4
ARM architecture              2.4.27-2sarge4
Intel IA-32 architecture      2.4.27-10sarge4
Intel IA-64 architecture      2.4.27-10sarge4
Motorola 680x0 architecture   2.4.27-3sarge4
MIPS architectures            2.4.27-10.sarge4.040815-1
PowerPC architecture          2.4.27-10sarge4
IBM S/390                     2.4.27-2sarge4
Sun Sparc architecture        2.4.27-9sarge4
FAI                           1.9.1sarge4
mindi-kernel                  2.4.27-2sarge3
kernel-image-speakup-i386     2.4.27-1.1sarge3
systemimager                  3.2.3-6sarge3


For the unstable distribution (sid) these problems won't be fixed
anymore in the 2.4 kernel series.

We recommend that you upgrade your kernel package and reboot the

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201183-1

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref:
BugTraq ID: 18081
BugTraq ID: 18101
BugTraq ID: 18847
BugTraq ID: 19666
BugTraq ID: 20087
Common Vulnerability Exposure (CVE) ID: CVE-2005-4798
BugTraq ID: 20186
http://www.securityfocus.com/bid/20186
Debian Security Information: DSA-1183
http://www.debian.org/security/2006/dsa-1183
Debian Security Information: DSA-1184
http://www.debian.org/security/2006/dsa-1184
http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11536
http://secunia.com/advisories/20398
http://secunia.com/advisories/22082
http://secunia.com/advisories/22093
SuSE Security Announcement: SUSE-SA:2006:028
http://www.novell.com/linux/security/advisories/2006-05-31.html
Common Vulnerability Exposure (CVE) ID: CVE-2006-2935
http://www.securityfocus.com/bid/18847
Bugtraq: 20060831 rPSA-2006-0162-1 kernel
http://www.securityfocus.com/archive/1/444887/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
http://bugzilla.kernel.org/show_bug.cgi?id=2966
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10886
http://www.redhat.com/support/errata/RHSA-2006-0617.html
http://www.redhat.com/support/errata/RHSA-2006-0710.html
http://www.redhat.com/support/errata/RHSA-2007-0012.html
http://www.redhat.com/support/errata/RHSA-2007-0013.html
http://secunia.com/advisories/21179
http://secunia.com/advisories/21298
http://secunia.com/advisories/21498
http://secunia.com/advisories/21605
http://secunia.com/advisories/21614
http://secunia.com/advisories/21695
http://secunia.com/advisories/21934
http://secunia.com/advisories/22174
http://secunia.com/advisories/22497
http://secunia.com/advisories/22822
http://secunia.com/advisories/23064
http://secunia.com/advisories/23788
http://secunia.com/advisories/24288
SuSE Security Announcement: SUSE-SA:2006:042
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
SuSE Security Announcement: SUSE-SA:2006:047
http://www.novell.com/linux/security/advisories/2006_47_kernel.html
SuSE Security Announcement: SUSE-SA:2006:049
http://www.novell.com/linux/security/advisories/2006_49_kernel.html
SuSE Security Announcement: SUSE-SA:2006:064
http://www.novell.com/linux/security/advisories/2006_64_kernel.html
http://www.ubuntu.com/usn/usn-331-1
http://www.ubuntu.com/usn/usn-346-1
http://www.vupen.com/english/advisories/2006/2680
XForce ISS Database: linux-dvdreadbca-bo(27579)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27579
Common Vulnerability Exposure (CVE) ID: CVE-2006-1528
http://www.securityfocus.com/bid/18101
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
http://marc.info/?l=linux-scsi&m=112540053711489&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11037
http://www.redhat.com/support/errata/RHSA-2006-0493.html
http://secunia.com/advisories/20237
http://secunia.com/advisories/20716
http://secunia.com/advisories/21045
http://secunia.com/advisories/21555
http://secunia.com/advisories/21745
http://www.ubuntu.com/usn/usn-302-1
http://www.vupen.com/english/advisories/2006/3330
XForce ISS Database: kernel-sg-dos(28510)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28510
Common Vulnerability Exposure (CVE) ID: CVE-2006-2444
http://www.securityfocus.com/bid/18081
CERT/CC vulnerability note: VU#681569
http://www.kb.cert.org/vuls/id/681569
http://www.mandriva.com/security/advisories?name=MDKSA-2006:087
http://www.osvdb.org/25750
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11318
http://www.redhat.com/support/errata/RHSA-2006-0437.html
http://www.redhat.com/support/errata/RHSA-2006-0580.html
http://securitytracker.com/id?1016153
http://secunia.com/advisories/20182
http://secunia.com/advisories/20225
http://secunia.com/advisories/21035
http://secunia.com/advisories/21136
http://secunia.com/advisories/21983
http://www.vupen.com/english/advisories/2006/1916
XForce ISS Database: linux-snmp-nathelper-dos(26594)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26594
Common Vulnerability Exposure (CVE) ID: CVE-2006-2446
BugTraq ID: 19475
http://www.securityfocus.com/bid/19475
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://secunia.com/advisories/21465
http://secunia.com/advisories/22417
Common Vulnerability Exposure (CVE) ID: CVE-2006-3745
http://www.securityfocus.com/bid/19666
Bugtraq: 20060822 Linux Kernel SCTP Privilege Elevation Vulnerability
http://www.securityfocus.com/archive/1/444066/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0600.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10706
http://secunia.com/advisories/21576
http://secunia.com/advisories/21847
http://secunia.com/advisories/22148
SuSE Security Announcement: SUSE-SA:2006:057
http://www.novell.com/linux/security/advisories/2006_57_kernel.html
SuSE Security Announcement: SUSE-SR:2006:021
http://www.novell.com/linux/security/advisories/2006_21_sr.html
SuSE Security Announcement: SUSE-SR:2006:022
http://www.novell.com/linux/security/advisories/2006_22_sr.html
http://www.vupen.com/english/advisories/2006/3358
XForce ISS Database: kernel-sctp-privilege-escalation(28530)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28530
Common Vulnerability Exposure (CVE) ID: CVE-2006-4535
http://www.securityfocus.com/bid/20087
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
http://www.mail-archive.com/kernel-svn-changes@lists.alioth.debian.org/msg02314.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10530
http://www.redhat.com/support/errata/RHSA-2006-0689.html
http://securitytracker.com/id?1016992
http://secunia.com/advisories/21945
http://secunia.com/advisories/21967
http://secunia.com/advisories/22292
http://secunia.com/advisories/22382
http://secunia.com/advisories/22945
http://www.ubuntu.com/usn/usn-347-1
XForce ISS Database: kernel-sctp-dos(29011)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29011
Copyright: Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com
