English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 76783 CVE descriptions
and 40246 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59138
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-451-1 (linux-source-2.6.15/2.6.17)
Summary:Ubuntu USN-451-1 (linux-source-2.6.15/2.6.17)
Description:
The remote host is missing an update to linux-source-2.6.15/2.6.17
announced via advisory USN-451-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Details follow:

The kernel key management code did not correctly handle key reuse. A
local attacker could create many key requests, leading to a denial of
service. (CVE-2007-0006)

The kernel NFS code did not correctly validate NFSACL2 ACCESS requests.
If a system was serving NFS mounts, a remote attacker could send a
specially crafted packet, leading to a denial of service.
(CVE-2007-0772)

When dumping core, the kernel did not correctly handle PT_INTERP
processes. A local attacker could create situations where they could
read the contents of otherwise unreadable executable programs.
(CVE-2007-0958)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
linux-image-2.6.15-28-386 2.6.15-28.53
linux-image-2.6.15-28-686 2.6.15-28.53
linux-image-2.6.15-28-amd64-generic 2.6.15-28.53
linux-image-2.6.15-28-amd64-k8 2.6.15-28.53
linux-image-2.6.15-28-amd64-server 2.6.15-28.53
linux-image-2.6.15-28-amd64-xeon 2.6.15-28.53
linux-image-2.6.15-28-k7 2.6.15-28.53
linux-image-2.6.15-28-powerpc 2.6.15-28.53
linux-image-2.6.15-28-powerpc-smp 2.6.15-28.53
linux-image-2.6.15-28-powerpc64-smp 2.6.15-28.53
linux-image-2.6.15-28-server 2.6.15-28.53
linux-image-2.6.15-28-server-bigiron 2.6.15-28.53
linux-image-2.6.15-28-sparc64 2.6.15-28.53
linux-image-2.6.15-28-sparc64-smp 2.6.15-28.53

Ubuntu 6.10:
linux-image-2.6.17-11-386 2.6.17.1-11.37
linux-image-2.6.17-11-generic 2.6.17.1-11.37
linux-image-2.6.17-11-powerpc 2.6.17.1-11.37
linux-image-2.6.17-11-powerpc-smp 2.6.17.1-11.37
linux-image-2.6.17-11-powerpc64-smp 2.6.17.1-11.37
linux-image-2.6.17-11-server 2.6.17.1-11.37
linux-image-2.6.17-11-server-bigiron 2.6.17.1-11.37
linux-image-2.6.17-11-sparc64 2.6.17.1-11.37
linux-image-2.6.17-11-sparc64-smp 2.6.17.1-11.37

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-451-1

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-0006
Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen (Google Search)
http://www.securityfocus.com/archive/1/471457
http://www.mandriva.com/security/advisories?name=MDKSA-2007:047
http://www.mandriva.com/security/advisories?name=MDKSA-2007:060
http://www.redhat.com/support/errata/RHSA-2007-0085.html
http://www.redhat.com/support/errata/RHSA-2007-0099.html
SuSE Security Announcement: SUSE-SA:2007:021 (Google Search)
http://www.novell.com/linux/security/advisories/2007_21_kernel.html
http://www.ubuntu.com/usn/usn-451-1
BugTraq ID: 22539
http://www.securityfocus.com/bid/22539
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9829
http://secunia.com/advisories/24109
http://secunia.com/advisories/24259
http://secunia.com/advisories/24300
http://secunia.com/advisories/24429
http://secunia.com/advisories/24482
http://secunia.com/advisories/24547
http://secunia.com/advisories/24752
http://secunia.com/advisories/25691
Common Vulnerability Exposure (CVE) ID: CVE-2007-0772
http://fedoranews.org/cms/node/2739
http://fedoranews.org/cms/node/2740
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
SuSE Security Announcement: SUSE-SA:2007:018 (Google Search)
http://www.novell.com/linux/security/advisories/2007_18_kernel.html
BugTraq ID: 22625
http://www.securityfocus.com/bid/22625
http://www.vupen.com/english/advisories/2007/0660
http://osvdb.org/33022
http://secunia.com/advisories/24215
http://secunia.com/advisories/24201
http://secunia.com/advisories/24400
http://secunia.com/advisories/24777
XForce ISS Database: kernel-nfsaclsvc-dos(32578)
http://xforce.iss.net/xforce/xfdb/32578
Common Vulnerability Exposure (CVE) ID: CVE-2007-0958
http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
Debian Security Information: DSA-1286 (Google Search)
http://www.debian.org/security/2007/dsa-1286
Debian Security Information: DSA-1304 (Google Search)
http://www.debian.org/security/2007/dsa-1304
RedHat Security Advisories: RHSA-2007:0488
http://rhn.redhat.com/errata/RHSA-2007-0488.html
BugTraq ID: 22903
http://www.securityfocus.com/bid/22903
http://osvdb.org/35930
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10343
http://secunia.com/advisories/25078
http://secunia.com/advisories/25714
http://secunia.com/advisories/25838
http://secunia.com/advisories/26289
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.