English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59524
Category:Fedora Local Security Checks
Title:Fedora Core 5 FEDORA-2007-483 (kernel)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to kernel
announced via advisory FEDORA-2007-483.

The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

Update Information:

Linux kernel 2.6.20.7
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.7
Previous kernel had most of this update already applied.

Linux kernel 2.6.20.8
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.8
Fixes CVE-2007-1861

Linux kernel 2.6.20.9
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.9
Fixes CVE-2007-2242

Linux kernel 2.6.20.10
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.10
Fixes two bugs introduced by the two previous updates.

CVE-2007-1861:
The netlink protocol has an infinite recursion bug that
allows users to cause a kernel crash.

CVE-2007-2242:
The IPv6 protocol allows remote attackers to cause a denial
of service via crafted IPv6 type 0 route headers
(IPV6_RTHDR_TYPE_0) that create network amplification
between two routers.

Solution: Apply the appropriate updates.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-483

Risk factor : High

CVSS Score:
7.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1861
BugTraq ID: 23677
http://www.securityfocus.com/bid/23677
Bugtraq: 20070508 FLEA-2007-0016-1: kernel (Google Search)
http://www.securityfocus.com/archive/1/467939/30/6690/threaded
Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen (Google Search)
http://www.securityfocus.com/archive/1/471457
Debian Security Information: DSA-1289 (Google Search)
http://www.debian.org/security/2007/dsa-1289
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11616
http://www.redhat.com/support/errata/RHSA-2007-0347.html
http://secunia.com/advisories/25030
http://secunia.com/advisories/25083
http://secunia.com/advisories/25228
http://secunia.com/advisories/25288
http://secunia.com/advisories/25691
http://secunia.com/advisories/25961
http://secunia.com/advisories/26133
http://secunia.com/advisories/26139
http://secunia.com/advisories/26620
SuSE Security Announcement: SUSE-SA:2007:043 (Google Search)
http://www.novell.com/linux/security/advisories/2007_43_kernel.html
http://www.ubuntu.com/usn/usn-486-1
http://www.ubuntu.com/usn/usn-489-1
http://www.vupen.com/english/advisories/2007/1595
XForce ISS Database: kernel-netlinkfiblookup-dos(34014)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34014
Common Vulnerability Exposure (CVE) ID: CVE-2007-2242
BugTraq ID: 23615
http://www.securityfocus.com/bid/23615
CERT/CC vulnerability note: VU#267289
http://www.kb.cert.org/vuls/id/267289
FreeBSD Security Advisory: FreeBSD-SA-07:03.ipv6
http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216
http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
OpenBSD Security Advisory: [3.9] 20070423 022: SECURITY FIX: April 23, 2007
http://openbsd.org/errata39.html#022_route6
OpenBSD Security Advisory: [4.0] 20070423 012: SECURITY FIX: April 23, 2007
http://openbsd.org/errata40.html#012_route6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9574
http://www.securitytracker.com/id?1017949
http://secunia.com/advisories/24978
http://secunia.com/advisories/25033
http://secunia.com/advisories/25068
http://secunia.com/advisories/25770
http://secunia.com/advisories/26651
http://secunia.com/advisories/26664
http://secunia.com/advisories/26703
http://secunia.com/advisories/28806
SuSE Security Announcement: SUSE-SA:2007:051 (Google Search)
http://www.novell.com/linux/security/advisories/2007_51_kernel.html
SuSE Security Announcement: SUSE-SA:2008:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html
http://www.ubuntu.com/usn/usn-508-1
http://www.vupen.com/english/advisories/2007/1563
http://www.vupen.com/english/advisories/2007/2270
http://www.vupen.com/english/advisories/2007/3050
XForce ISS Database: openbsd-ipv6-type0-dos(33851)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33851
Common Vulnerability Exposure (CVE) ID: CVE-2007-0005
20070309 Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005)
http://www.securityfocus.com/archive/1/462300/100/0/threaded
20070615 rPSA-2007-0124-1 kernel xen
22870
http://www.securityfocus.com/bid/22870
24436
http://secunia.com/advisories/24436
24518
http://secunia.com/advisories/24518
24777
http://secunia.com/advisories/24777
24901
http://secunia.com/advisories/24901
25078
http://secunia.com/advisories/25078
25691
26133
26139
33023
http://www.osvdb.org/33023
ADV-2007-0872
http://www.vupen.com/english/advisories/2007/0872
DSA-1286
http://www.debian.org/security/2007/dsa-1286
FEDORA-2007-335
http://fedoranews.org/cms/node/2787
FEDORA-2007-336
http://fedoranews.org/cms/node/2788
MDKSA-2007:078
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
RHSA-2007:0099
http://www.redhat.com/support/errata/RHSA-2007-0099.html
USN-486-1
USN-489-1
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc3
https://issues.rpath.com/browse/RPL-1035
kernel-cardman4040drivers-bo(32880)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32880
oval:org.mitre.oval:def:11238
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11238
Common Vulnerability Exposure (CVE) ID: CVE-2007-0772
BugTraq ID: 22625
http://www.securityfocus.com/bid/22625
http://fedoranews.org/cms/node/2739
http://fedoranews.org/cms/node/2740
http://www.mandriva.com/security/advisories?name=MDKSA-2007:060
http://osvdb.org/33022
http://secunia.com/advisories/24201
http://secunia.com/advisories/24215
http://secunia.com/advisories/24400
http://secunia.com/advisories/24482
http://secunia.com/advisories/24547
http://secunia.com/advisories/24752
SuSE Security Announcement: SUSE-SA:2007:018 (Google Search)
http://www.novell.com/linux/security/advisories/2007_18_kernel.html
SuSE Security Announcement: SUSE-SA:2007:021 (Google Search)
http://www.novell.com/linux/security/advisories/2007_21_kernel.html
http://www.ubuntu.com/usn/usn-451-1
http://www.vupen.com/english/advisories/2007/0660
XForce ISS Database: kernel-nfsaclsvc-dos(32578)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32578
Common Vulnerability Exposure (CVE) ID: CVE-2007-0006
22539
http://www.securityfocus.com/bid/22539
24109
http://secunia.com/advisories/24109
24259
http://secunia.com/advisories/24259
24300
http://secunia.com/advisories/24300
24429
http://secunia.com/advisories/24429
24482
24547
24752
MDKSA-2007:047
http://www.mandriva.com/security/advisories?name=MDKSA-2007:047
MDKSA-2007:060
RHSA-2007:0085
http://www.redhat.com/support/errata/RHSA-2007-0085.html
SUSE-SA:2007:021
USN-451-1
http://bugzilla.kernel.org/show_bug.cgi?id=7727
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495
https://issues.rpath.com/browse/RPL-1097
oval:org.mitre.oval:def:9829
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9829
Common Vulnerability Exposure (CVE) ID: CVE-2006-5757
BugTraq ID: 20920
http://www.securityfocus.com/bid/20920
Debian Security Information: DSA-1304 (Google Search)
http://www.debian.org/security/2007/dsa-1304
http://www.mandriva.com/security/advisories?name=MDKSA-2007:002
http://www.mandriva.com/security/advisories?name=MDKSA-2007:012
http://projects.info-pull.com/mokb/MOKB-05-11-2006.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10111
RedHat Security Advisories: RHSA-2007:0014
http://rhn.redhat.com/errata/RHSA-2007-0014.html
http://secunia.com/advisories/22702
http://secunia.com/advisories/22746
http://secunia.com/advisories/23474
http://secunia.com/advisories/23593
http://secunia.com/advisories/23752
http://secunia.com/advisories/23997
http://secunia.com/advisories/24098
http://secunia.com/advisories/24206
http://secunia.com/advisories/25714
SuSE Security Announcement: SUSE-SA:2006:079 (Google Search)
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
http://www.ubuntu.com/usn/usn-416-1
http://www.vupen.com/english/advisories/2006/4359
XForce ISS Database: kernel-iso9660-dos(30029)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30029
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.