
Test ID: 1.3.6.1.4.1.25623.1.0.57407
Category: Debian Local Security Checks
Title: Debian: Security Advisory (DSA-1183-1)
Summary: The remote host is missing an update for the Debian 'fai-kernels, kernel-source-2.4.27, systemimager' package(s) announced via the DSA-1183-1 advisory.
Description:

Vulnerability Insight:
Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2005-4798

A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service.

CVE-2006-2935

Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code.

CVE-2006-1528

A bug in the SCSI driver allows a local user to cause a denial of service.

CVE-2006-2444

Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service.

CVE-2006-2446

A race condition in the socket buffer handling allows remote attackers to cause a denial of service.

CVE-2006-3745

Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges.

CVE-2006-4535

David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value.

The following matrix explains which kernel version for which architecture fixes the problem mentioned above:



Package / architecture         stable (sarge)
Source                         2.4.27-10sarge4
Alpha architecture             2.4.27-10sarge4
ARM architecture               2.4.27-2sarge4
Intel IA-32 architecture       2.4.27-10sarge4
Intel IA-64 architecture       2.4.27-10sarge4
Motorola 680x0 architecture    2.4.27-3sarge4
MIPS architectures             2.4.27-10.sarge4.040815-1
PowerPC architecture           2.4.27-10sarge4
IBM S/390                      2.4.27-2sarge4
Sun Sparc architecture         2.4.27-9sarge4
FAI                            1.9.1sarge4
mindi-kernel                   2.4.27-2sarge3
kernel-image-speakup-i386      2.4.27-1.1sarge3
systemimager                   3.2.3-6sarge3

For the unstable distribution (sid) these problems won't be fixed anymore in the 2.4 kernel series.

We recommend that you upgrade your kernel package and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

Affected Software/OS:
'fai-kernels, kernel-source-2.4.27, systemimager' package(s) on Debian 3.1.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2005-4798
BugTraq ID: 20186
http://www.securityfocus.com/bid/20186
Debian Security Information: DSA-1183
http://www.debian.org/security/2006/dsa-1183
Debian Security Information: DSA-1184
http://www.debian.org/security/2006/dsa-1184
http://www.ussg.iu.edu/hypermail/linux/kernel/0509.1/1333.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11536
http://secunia.com/advisories/20398
http://secunia.com/advisories/22082
http://secunia.com/advisories/22093
SuSE Security Announcement: SUSE-SA:2006:028
http://www.novell.com/linux/security/advisories/2006-05-31.html
Common Vulnerability Exposure (CVE) ID: CVE-2006-1528
18101
http://www.securityfocus.com/bid/18101
20237
http://secunia.com/advisories/20237
20716
http://secunia.com/advisories/20716
21045
http://secunia.com/advisories/21045
21179
http://secunia.com/advisories/21179
21498
http://secunia.com/advisories/21498
21555
http://secunia.com/advisories/21555
21745
http://secunia.com/advisories/21745
22082
22093
ADV-2006-3330
http://www.vupen.com/english/advisories/2006/3330
DSA-1183
DSA-1184
MDKSA-2006:123
http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
RHSA-2006:0493
http://www.redhat.com/support/errata/RHSA-2006-0493.html
SUSE-SA:2006:042
http://www.novell.com/linux/security/advisories/2006_42_kernel.html
SUSE-SA:2006:047
http://www.novell.com/linux/security/advisories/2006_47_kernel.html
USN-302-1
http://www.ubuntu.com/usn/usn-302-1
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.1
http://linux.bkbits.net:8080/linux-2.6/cset%4043220081yu9ClBQNuqSSnW_9amW7iQ
http://marc.info/?l=linux-scsi&m=112540053711489&w=2
http://support.avaya.com/elmodocs2/security/ASA-2006-161.htm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168791
kernel-sg-dos(28510)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28510
oval:org.mitre.oval:def:11037
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11037
Common Vulnerability Exposure (CVE) ID: CVE-2006-2444
1016153
http://securitytracker.com/id?1016153
18081
http://www.securityfocus.com/bid/18081
20182
http://secunia.com/advisories/20182
20225
http://secunia.com/advisories/20225
21035
http://secunia.com/advisories/21035
21136
http://secunia.com/advisories/21136
21605
http://secunia.com/advisories/21605
21983
http://secunia.com/advisories/21983
22174
http://secunia.com/advisories/22174
22822
http://secunia.com/advisories/22822
25750
http://www.osvdb.org/25750
ADV-2006-1916
http://www.vupen.com/english/advisories/2006/1916
MDKSA-2006:087
http://www.mandriva.com/security/advisories?name=MDKSA-2006:087
RHSA-2006:0437
http://www.redhat.com/support/errata/RHSA-2006-0437.html
RHSA-2006:0580
http://www.redhat.com/support/errata/RHSA-2006-0580.html
RHSA-2006:0617
http://www.redhat.com/support/errata/RHSA-2006-0617.html
SUSE-SA:2006:064
http://www.novell.com/linux/security/advisories/2006_64_kernel.html
VU#681569
http://www.kb.cert.org/vuls/id/681569
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.18
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=1db6b5a66e93ff125ab871d6b3f7363412cc87e8
linux-snmp-nathelper-dos(26594)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26594
oval:org.mitre.oval:def:11318
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11318
Common Vulnerability Exposure (CVE) ID: CVE-2006-2446
19475
http://www.securityfocus.com/bid/19475
21465
http://secunia.com/advisories/21465
22417
http://secunia.com/advisories/22417
MDKSA-2007:025
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
RHSA-2006:0575
http://www.redhat.com/support/errata/RHSA-2006-0575.html
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779
oval:org.mitre.oval:def:9117
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117
Common Vulnerability Exposure (CVE) ID: CVE-2006-2935
18847
http://www.securityfocus.com/bid/18847
20060831 rPSA-2006-0162-1 kernel
http://www.securityfocus.com/archive/1/444887/100/0/threaded
21298
http://secunia.com/advisories/21298
21614
http://secunia.com/advisories/21614
21695
http://secunia.com/advisories/21695
21934
http://secunia.com/advisories/21934
22497
http://secunia.com/advisories/22497
23064
http://secunia.com/advisories/23064
23788
http://secunia.com/advisories/23788
24288
http://secunia.com/advisories/24288
ADV-2006-2680
http://www.vupen.com/english/advisories/2006/2680
MDKSA-2006:150
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
MDKSA-2006:151
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
RHSA-2006:0710
http://www.redhat.com/support/errata/RHSA-2006-0710.html
RHSA-2007:0012
http://www.redhat.com/support/errata/RHSA-2007-0012.html
RHSA-2007:0013
http://www.redhat.com/support/errata/RHSA-2007-0013.html
SUSE-SA:2006:049
http://www.novell.com/linux/security/advisories/2006_49_kernel.html
USN-331-1
http://www.ubuntu.com/usn/usn-331-1
USN-346-1
http://www.ubuntu.com/usn/usn-346-1
http://bugzilla.kernel.org/show_bug.cgi?id=2966
http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-078.htm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197670
https://issues.rpath.com/browse/RPL-611
linux-dvdreadbca-bo(27579)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27579
oval:org.mitre.oval:def:10886
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10886
Common Vulnerability Exposure (CVE) ID: CVE-2006-3745
19666
http://www.securityfocus.com/bid/19666
20060822 Linux Kernel SCTP Privilege Elevation Vulnerability
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0600.html
http://www.securityfocus.com/archive/1/444066/100/0/threaded
21576
http://secunia.com/advisories/21576
21847
http://secunia.com/advisories/21847
22148
http://secunia.com/advisories/22148
ADV-2006-3358
http://www.vupen.com/english/advisories/2006/3358
SUSE-SA:2006:057
http://www.novell.com/linux/security/advisories/2006_57_kernel.html
SUSE-SR:2006:021
http://www.novell.com/linux/security/advisories/2006_21_sr.html
SUSE-SR:2006:022
http://www.novell.com/linux/security/advisories/2006_22_sr.html
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.2
kernel-sctp-privilege-escalation(28530)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28530
oval:org.mitre.oval:def:10706
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10706
Common Vulnerability Exposure (CVE) ID: CVE-2006-4535
BugTraq ID: 20087
http://www.securityfocus.com/bid/20087
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
http://www.mail-archive.com/kernel-svn-changes@lists.alioth.debian.org/msg02314.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10530
http://www.redhat.com/support/errata/RHSA-2006-0689.html
http://securitytracker.com/id?1016992
http://secunia.com/advisories/21945
http://secunia.com/advisories/21967
http://secunia.com/advisories/22292
http://secunia.com/advisories/22382
http://secunia.com/advisories/22945
http://www.ubuntu.com/usn/usn-347-1
XForce ISS Database: kernel-sctp-dos(29011)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29011
Copyright: Copyright (C) 2008 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.