English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 76783 CVE descriptions
and 40246 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61103
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 1588-1 (linux-2.6)
Summary:Debian Security Advisory DSA 1588-1 (linux-2.6)
Description:The remote host is missing an update to linux-2.6
announced via advisory DSA 1588-1.

Several vulnerabilities have been discovered in the Linux kernel that may
lead to a denial of service. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2007-6712

Johannes Bauer discovered an integer overflow condition in the hrtimer
subsystem on 64-bit systems. This can be exploited by local users to
trigger a denial of service (DoS) by causing the kernel to execute an
infinite loop.

CVE-2008-1615

Jan Kratochvil reported a local denial of service condition that
permits local users on systems running the amd64 flavor kernel
to cause a system crash.

CVE-2008-2136

Paul Harks discovered a memory leak in the Simple Internet Transition
(SIT) code used for IPv6 over IPv4 tunnels. This can be exploited
by remote users to cause a denial of service condition.

CVE-2008-2137

David Miller and Jan Lieskovsky discovered issues with the virtual
address range checking of mmaped regions on the sparc architecture
that may be exploited by local users to cause a denial of service.

For the stable distribution (etch), this problem has been fixed in version
2.6.18.dfsg.1-18etch5.

Builds for linux-2.6/s390 and fai-kernels/powerpc were not yet available at
the time of this advisory. This advisory will be updated as these builds
become available.

We recommend that you upgrade your linux-2.6, fai-kernels, and

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201588-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-6712
Debian Security Information: DSA-1588 (Google Search)
http://www.debian.org/security/2008/dsa-1588
http://www.redhat.com/support/errata/RHSA-2008-0275.html
http://www.redhat.com/support/errata/RHSA-2008-0585.html
SuSE Security Announcement: SUSE-SA:2008:030 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
http://www.ubuntu.com/usn/usn-625-1
BugTraq ID: 29294
http://www.securityfocus.com/bid/29294
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9210
http://secunia.com/advisories/30294
http://secunia.com/advisories/30368
http://secunia.com/advisories/30818
http://secunia.com/advisories/31107
http://secunia.com/advisories/31628
XForce ISS Database: linux-kernel-hrtimerforward-dos(41827)
http://xforce.iss.net/xforce/xfdb/41827
Common Vulnerability Exposure (CVE) ID: CVE-2008-1615
https://bugzilla.redhat.com/show_bug.cgi?id=431430
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00357.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:167
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
http://www.redhat.com/support/errata/RHSA-2008-0237.html
SuSE Security Announcement: SUSE-SA:2008:031 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html
SuSE Security Announcement: SUSE-SA:2008:032 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html
SuSE Security Announcement: SUSE-SA:2008:035 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html
SuSE Security Announcement: SUSE-SA:2008:038 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html
BugTraq ID: 29086
http://www.securityfocus.com/bid/29086
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9563
http://www.securitytracker.com/id?1020047
http://secunia.com/advisories/30252
http://secunia.com/advisories/30890
http://secunia.com/advisories/30962
http://secunia.com/advisories/30112
http://secunia.com/advisories/30982
XForce ISS Database: linux-kernel-processtrace-dos(42278)
http://xforce.iss.net/xforce/xfdb/42278
Common Vulnerability Exposure (CVE) ID: CVE-2008-2136
http://marc.info/?l=linux-netdev&m=121031533024912&w=2
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00294.html
http://www.redhat.com/support/errata/RHSA-2008-0607.html
http://www.redhat.com/support/errata/RHSA-2008-0612.html
http://www.redhat.com/support/errata/RHSA-2008-0973.html
http://www.redhat.com/support/errata/RHSA-2008-0787.html
BugTraq ID: 29235
http://www.securityfocus.com/bid/29235
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11038
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6503
http://secunia.com/advisories/30499
http://www.vupen.com/english/advisories/2008/1543/references
http://www.securitytracker.com/id?1020118
http://secunia.com/advisories/30198
http://secunia.com/advisories/30241
http://secunia.com/advisories/30276
http://secunia.com/advisories/31198
http://secunia.com/advisories/31341
http://secunia.com/advisories/31689
http://secunia.com/advisories/33201
http://secunia.com/advisories/33280
http://www.vupen.com/english/advisories/2008/1716/references
XForce ISS Database: linux-kernel-ipip6rcv-dos(42451)
http://xforce.iss.net/xforce/xfdb/42451
Common Vulnerability Exposure (CVE) ID: CVE-2008-2137
http://kerneltrap.org/mailarchive/git-commits-head/2008/5/8/1760604
BugTraq ID: 29397
http://www.securityfocus.com/bid/29397
http://www.securitytracker.com/id?1020119
XForce ISS Database: linux-kernel-mmap-dos(42681)
http://xforce.iss.net/xforce/xfdb/42681
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.