English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59260
Category:SuSE Local Security Checks
Title:SuSE Security Advisory SUSE-SA:2007:043 (kernel)
Summary:SuSE Security Advisory SUSE-SA:2007:043 (kernel)
Description:
The remote host is missing updates announced in
advisory SUSE-SA:2007:043.

The SUSE Linux 10.0 and openSUSE 10.2 have been updated to fix various
security problems.

Please note that the SUSE Linux 10.0 has been released some weeks ago.

The SUSE Linux 10.1 is affected by some of those problems but will
be updated in some weeks to merge back with the SLE10 Service Pack
1 kernel.

- CVE-2007-1357: A denial of service problem against the AppleTalk
protocol was fixed. A remote attacker in the same AppleTalk
network segment could cause the machine to crash if it has AppleTalk
protocol loaded.

- CVE-2007-1861: The nl_fib_lookup function in net/ipv4/fib_frontend.c
allows attackers to cause a denial of service (kernel panic) via
NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and
a stack overflow.

- CVE-2007-1496: nfnetlink_log in netfilter allows attackers to cause
a denial of service (crash) via unspecified vectors involving the
(1) nfulnl_recv_config function, (2) using multiple packets per
netlink message, and (3) bridged packets, which trigger a NULL
pointer dereference.

- CVE-2007-1497: nf_conntrack in netfilter does not set nfctinfo
during reassembly of fragmented packets, which leaves the default
value as IP_CT_ESTABLISHED and might allow remote attackers to
bypass certain rulesets using IPv6 fragments.

Please note that the connection tracking option for IPv6 is not
enabled in any currently shipping SUSE Linux kernel, so it does
not affect SUSE Linux default kernels.

- CVE-2007-1592: A local user could affect a double-free of a ipv6
structure potentially causing a local denial of service attack.

- CVE-2006-7203: The compat_sys_mount function in fs/compat.c allows
local users to cause a denial of service (NULL pointer dereference
and oops) by mounting a smbfs file system in compatibility mode
(mount -t smbfs).

- CVE-2007-2453: Seeding of the kernel random generator on boot did
not work correctly due to a programming mistake and so the kernel
might have more predictable random numbers than assured.

- CVE-2007-2876: A NULL pointer dereference in SCTP connection
tracking could be caused by a remote attacker by sending specially
crafted packets.

Note that this requires SCTP set-up and active to be exploitable.

Also some non-security bugs were fixed.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2007:043

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-7203
Debian Security Information: DSA-1504 (Google Search)
http://www.debian.org/security/2008/dsa-1504
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
RedHat Security Advisories: RHSA-2007:0376
https://rhn.redhat.com/errata/RHSA-2007-0376.html
RedHat Security Advisories: RHSA-2007:0488
http://rhn.redhat.com/errata/RHSA-2007-0488.html
SuSE Security Announcement: SUSE-SA:2007:035 (Google Search)
http://www.novell.com/linux/security/advisories/2007_35_kernel.html
SuSE Security Announcement: SUSE-SA:2007:043 (Google Search)
http://www.novell.com/linux/security/advisories/2007_43_kernel.html
http://www.ubuntu.com/usn/usn-486-1
http://www.ubuntu.com/usn/usn-489-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10941
http://www.vupen.com/english/advisories/2007/2209
http://secunia.com/advisories/25682
http://secunia.com/advisories/25700
http://secunia.com/advisories/25683
http://secunia.com/advisories/25838
http://secunia.com/advisories/25961
http://secunia.com/advisories/26133
http://secunia.com/advisories/26139
http://secunia.com/advisories/26289
http://secunia.com/advisories/26620
http://secunia.com/advisories/29058
Common Vulnerability Exposure (CVE) ID: CVE-2007-1357
Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen (Google Search)
http://www.securityfocus.com/archive/1/471457
Debian Security Information: DSA-1286 (Google Search)
http://www.debian.org/security/2007/dsa-1286
Debian Security Information: DSA-1304 (Google Search)
http://www.debian.org/security/2007/dsa-1304
SuSE Security Announcement: SUSE-SA:2007:029 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html
SuSE Security Announcement: SUSE-SA:2007:030 (Google Search)
http://www.novell.com/linux/security/advisories/2007_30_kernel.html
http://www.ubuntu.com/usn/usn-464-1
BugTraq ID: 23376
http://www.securityfocus.com/bid/23376
http://www.vupen.com/english/advisories/2007/1340
http://secunia.com/advisories/24793
http://secunia.com/advisories/24901
http://secunia.com/advisories/25078
http://secunia.com/advisories/25099
http://secunia.com/advisories/25392
http://secunia.com/advisories/25714
http://secunia.com/advisories/25691
http://secunia.com/advisories/25226
Common Vulnerability Exposure (CVE) ID: CVE-2007-1496
Debian Security Information: DSA-1289 (Google Search)
http://www.debian.org/security/2007/dsa-1289
http://www.redhat.com/support/errata/RHSA-2007-0347.html
BugTraq ID: 22946
http://www.securityfocus.com/bid/22946
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9831
http://www.vupen.com/english/advisories/2007/0944
http://secunia.com/advisories/24492
http://secunia.com/advisories/25228
http://secunia.com/advisories/25288
Common Vulnerability Exposure (CVE) ID: CVE-2007-1497
BugTraq ID: 23976
http://www.securityfocus.com/bid/23976
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10457
http://www.osvdb.org/33028
Common Vulnerability Exposure (CVE) ID: CVE-2007-1592
http://marc.info/?l=linux-netdev&m=117406721731891&w=2
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478
Debian Security Information: DSA-1503 (Google Search)
http://www.debian.org/security/2008/dsa-1503
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
RedHat Security Advisories: RHSA-2007:0436
http://rhn.redhat.com/errata/RHSA-2007-0436.html
http://www.redhat.com/support/errata/RHSA-2007-0673.html
http://www.redhat.com/support/errata/RHSA-2007-0672.html
RedHat Security Advisories: RHBA-2007-0304
http://rhn.redhat.com/errata/RHBA-2007-0304.html
BugTraq ID: 23104
http://www.securityfocus.com/bid/23104
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10130
http://www.vupen.com/english/advisories/2007/1084
http://secunia.com/advisories/24618
http://secunia.com/advisories/24777
http://secunia.com/advisories/25630
http://secunia.com/advisories/26379
http://secunia.com/advisories/27528
XForce ISS Database: kernel-tcpv6synrecvsoc-dos(33176)
http://xforce.iss.net/xforce/xfdb/33176
Common Vulnerability Exposure (CVE) ID: CVE-2007-1861
Bugtraq: 20070508 FLEA-2007-0016-1: kernel (Google Search)
http://www.securityfocus.com/archive/1/archive/1/467939/30/6690/threaded
BugTraq ID: 23677
http://www.securityfocus.com/bid/23677
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11616
http://www.vupen.com/english/advisories/2007/1595
http://secunia.com/advisories/25030
http://secunia.com/advisories/25083
XForce ISS Database: kernel-netlinkfiblookup-dos(34014)
http://xforce.iss.net/xforce/xfdb/34014
Common Vulnerability Exposure (CVE) ID: CVE-2007-2453
http://marc.info/?l=linux-kernel&m=118128610219959&w=2
http://marc.info/?l=linux-kernel&m=118128622431272&w=2
Debian Security Information: DSA-1356 (Google Search)
http://www.debian.org/security/2007/dsa-1356
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216
SuSE Security Announcement: SUSE-SA:2007:051 (Google Search)
http://www.novell.com/linux/security/advisories/2007_51_kernel.html
http://www.ubuntu.com/usn/usn-470-1
BugTraq ID: 24390
http://www.securityfocus.com/bid/24390
http://osvdb.org/37114
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9960
http://www.vupen.com/english/advisories/2007/2105
http://www.securitytracker.com/id?1018248
http://secunia.com/advisories/25596
http://secunia.com/advisories/26450
http://secunia.com/advisories/26664
XForce ISS Database: kernel-randomnumber-weak-security(34781)
http://xforce.iss.net/xforce/xfdb/34781
Common Vulnerability Exposure (CVE) ID: CVE-2007-2876
http://www.redhat.com/support/errata/RHSA-2007-0705.html
SuSE Security Announcement: SUSE-SA:2007:053 (Google Search)
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
http://www.ubuntu.com/usn/usn-510-1
BugTraq ID: 24376
http://www.securityfocus.com/bid/24376
http://osvdb.org/37112
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10116
http://secunia.com/advisories/26760
http://secunia.com/advisories/27227
XForce ISS Database: kernel-sctpnew-dos(34777)
http://xforce.iss.net/xforce/xfdb/34777
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.