Test ID:	1.3.6.1.4.1.25623.1.0.66826
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2010:0111
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2010:0111. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * a flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being passed to the network stack. These flaws could also possibly be used to trigger a remote denial of service. (CVE-2009-4536, CVE-2009-4538, Important) * a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. Receiving overly-long frames with a certain revision of the network cards supported by this driver could possibly result in a remote denial of service. (CVE-2009-4537, Important) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0111.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4536 BugTraq ID: 37519 http://www.securityfocus.com/bid/37519 Debian Security Information: DSA-1996 (Google Search) http://www.debian.org/security/2010/dsa-1996 Debian Security Information: DSA-2005 (Google Search) http://www.debian.org/security/2010/dsa-2005 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/ http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html http://www.openwall.com/lists/oss-security/2009/12/28/1 http://www.openwall.com/lists/oss-security/2009/12/29/2 http://www.openwall.com/lists/oss-security/2009/12/31/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453 http://www.redhat.com/support/errata/RHSA-2010-0019.html http://www.redhat.com/support/errata/RHSA-2010-0020.html http://www.redhat.com/support/errata/RHSA-2010-0041.html http://www.redhat.com/support/errata/RHSA-2010-0053.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://www.redhat.com/support/errata/RHSA-2010-0111.html http://www.redhat.com/support/errata/RHSA-2010-0882.html http://securitytracker.com/id?1023420 http://secunia.com/advisories/35265 http://secunia.com/advisories/38031 http://secunia.com/advisories/38276 http://secunia.com/advisories/38296 http://secunia.com/advisories/38492 http://secunia.com/advisories/38610 http://secunia.com/advisories/38779 SuSE Security Announcement: SUSE-SA:2010:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html SuSE Security Announcement: SUSE-SA:2010:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html SuSE Security Announcement: SUSE-SA:2010:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html SuSE Security Announcement: SUSE-SA:2010:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html SuSE Security Announcement: SUSE-SA:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html SuSE Security Announcement: SUSE-SA:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html XForce ISS Database: kernel-e1000main-security-bypass(55648) https://exchange.xforce.ibmcloud.com/vulnerabilities/55648 Common Vulnerability Exposure (CVE) ID: CVE-2009-4537 BugTraq ID: 37521 http://www.securityfocus.com/bid/37521 Debian Security Information: DSA-2053 (Google Search) http://www.debian.org/security/2010/dsa-2053 http://twitter.com/dakami/statuses/7104238406 http://marc.info/?l=linux-netdev&m=126202972828626&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439 http://securitytracker.com/id?1023419 http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/40645 SuSE Security Announcement: SUSE-SA:2010:023 (Google Search) http://www.novell.com/linux/security/advisories/2010_23_kernel.html SuSE Security Announcement: SUSE-SA:2010:031 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://www.vupen.com/english/advisories/2010/1857 XForce ISS Database: kernel-r8169-dos(55647) https://exchange.xforce.ibmcloud.com/vulnerabilities/55647 Common Vulnerability Exposure (CVE) ID: CVE-2009-4538 BugTraq ID: 37523 http://www.securityfocus.com/bid/37523 http://www.mandriva.com/security/advisories?name=MDVSA-2010:066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9702 XForce ISS Database: kernel-edriver-unspecified(55645) https://exchange.xforce.ibmcloud.com/vulnerabilities/55645
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.