English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57629
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2006:197 (kernel)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to kernel
announced via advisory MDKSA-2006:197.

Some vulnerabilities were discovered and corrected in the Linux 2.6
kernel:

Bugs in the netfilter for IPv6 code, as reported by Mark Dowd, were
fixed (CVE-2006-4572).

The ATM subsystem of the Linux kernel could allow a remote attacker to
cause a Denial of Service (panic) via unknown vectors that cause the
ATM subsystem to access the memory of socket buffers after they are
freed (CVE-2006-4997).

The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels immediately
and reboot to effect the fixes.

In addition to these security fixes, other fixes have been included
such as:

- updated to 2.6.17.14 - fix wrong error handling in pccard_store_cis -
add NX mask for PTE entry on x86_64 - fix snd-hda-intel OOPS -
backported support r8169-related (r8168/r8169SC) network chipsets -
explicitly initialize some members of the drm_driver structure,
otherwise NULL init will have bad side effects (mach64) - support for
building a nosrc.rpm package - fixed unplug/eject on pcmcia cards with
r8169 chipsets - fix libata resource conflicts - fix xenU crash and
re-enable domU boot logs - fix refcount error triggered by software
using /proc/[pid]/auxv

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Affected: 2007.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:197

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4572
20070615 rPSA-2007-0124-1 kernel xen
http://www.securityfocus.com/archive/1/471457
20955
http://www.securityfocus.com/bid/20955
22731
http://secunia.com/advisories/22731
22762
http://secunia.com/advisories/22762
23384
http://secunia.com/advisories/23384
23474
http://secunia.com/advisories/23474
24098
http://secunia.com/advisories/24098
25691
http://secunia.com/advisories/25691
ADV-2006-4386
http://www.vupen.com/english/advisories/2006/4386
MDKSA-2006:197
http://www.mandriva.com/security/advisories?name=MDKSA-2006:197
SUSE-SA:2006:079
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
USN-395-1
http://www.ubuntu.com/usn/usn-395-1
USN-416-1
http://www.ubuntu.com/usn/usn-416-1
[linux-kernel] 20061105 Linux 2.6.16.31-rc1
http://readlist.com/lists/vger.kernel.org/linux-kernel/55/275979.html
http://www.kernel.org/git/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.16.y.git&a=search&s=CVE-2006-4572
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=0ddfcc96928145d6a6425fdd26dad6abfe7f891d
http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git%3Ba=commit%3Bh=6ac62be885810e1f8390f0c3b9d3ee451d3d3f19
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.31
Common Vulnerability Exposure (CVE) ID: CVE-2006-4997
BugTraq ID: 20363
http://www.securityfocus.com/bid/20363
Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen (Google Search)
Debian Security Information: DSA-1233 (Google Search)
http://www.us.debian.org/security/2006/dsa-1233
Debian Security Information: DSA-1237 (Google Search)
http://www.us.debian.org/security/2006/dsa-1237
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10388
http://www.redhat.com/support/errata/RHSA-2006-0689.html
http://www.redhat.com/support/errata/RHSA-2006-0710.html
http://www.redhat.com/support/errata/RHSA-2007-0012.html
http://www.redhat.com/support/errata/RHSA-2007-0013.html
http://securitytracker.com/id?1017526
http://secunia.com/advisories/22253
http://secunia.com/advisories/22279
http://secunia.com/advisories/22292
http://secunia.com/advisories/22497
http://secunia.com/advisories/22945
http://secunia.com/advisories/23064
http://secunia.com/advisories/23370
http://secunia.com/advisories/23395
http://secunia.com/advisories/23752
http://secunia.com/advisories/23788
http://secunia.com/advisories/24288
SuSE Security Announcement: SUSE-SA:2006:079 (Google Search)
http://www.vupen.com/english/advisories/2006/3937
http://www.vupen.com/english/advisories/2006/3999
XForce ISS Database: kernel-clipmkip-dos(29387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29387
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.