English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66873
Category:Fedora Local Security Checks
Title:Fedora Core 11 FEDORA-2010-0919 (kernel)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to kernel
announced via advisory FEDORA-2010-0919.

Update Information:

Security update: CVE-2010-0003 CVE-2010-0006 CVE-2010-0007

References:

[ 1 ] Bug #554578 - CVE-2010-0003 kernel: infoleak if print-fatal-signals=1
https://bugzilla.redhat.com/show_bug.cgi?id=554578
[ 2 ] Bug #555217 - CVE-2010-0006 kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo()
https://bugzilla.redhat.com/show_bug.cgi?id=555217
[ 3 ] Bug #555238 - CVE-2010-0007 kernel: netfilter: ebtables: enforce CAP_NET_ADMIN
https://bugzilla.redhat.com/show_bug.cgi?id=555238

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-0919

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-0003
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
37724
http://www.securityfocus.com/bid/37724
38333
http://secunia.com/advisories/38333
38492
http://secunia.com/advisories/38492
38779
http://secunia.com/advisories/38779
39033
http://secunia.com/advisories/39033
43315
http://secunia.com/advisories/43315
DSA-1996
http://www.debian.org/security/2010/dsa-1996
DSA-2005
http://www.debian.org/security/2010/dsa-2005
FEDORA-2010-0919
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html
RHSA-2010:0146
https://rhn.redhat.com/errata/RHSA-2010-0146.html
RHSA-2010:0147
http://www.redhat.com/support/errata/RHSA-2010-0147.html
RHSA-2010:0161
http://www.redhat.com/support/errata/RHSA-2010-0161.html
SUSE-SA:2010:010
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
SUSE-SA:2010:012
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
SUSE-SA:2010:014
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
[oss-security] 20100112 CVE request - kernel: infoleak if print-fatal-signals=1
http://www.openwall.com/lists/oss-security/2010/01/12/1
[oss-security] 20100113 Re: CVE request - kernel: infoleak if print-fatal-signals=1
http://www.openwall.com/lists/oss-security/2010/01/13/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0
http://patchwork.kernel.org/patch/69752/
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=554578
oval:org.mitre.oval:def:10550
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550
Common Vulnerability Exposure (CVE) ID: CVE-2010-0006
37810
http://www.securityfocus.com/bid/37810
38168
http://secunia.com/advisories/38168
61876
http://www.osvdb.org/61876
[linux-netdev] 20100114 [PATCH]: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo().
http://marc.info/?l=linux-netdev&m=126343325807340&w=2
[oss-security] 20100114 CVE-2010-0006 - kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo()
http://www.openwall.com/lists/oss-security/2010/01/14/2
http://bugs.gentoo.org/show_bug.cgi?id=300951
http://cert.fi/en/reports/2010/vulnerability341748.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2570a4f5428bcdb1077622342181755741e7fa60
http://security-tracker.debian.org/tracker/CVE-2010-0006
https://bugzilla.redhat.com/show_bug.cgi?id=555217
Common Vulnerability Exposure (CVE) ID: CVE-2010-0007
37762
http://www.securityfocus.com/bid/37762
38133
http://secunia.com/advisories/38133
38296
http://secunia.com/advisories/38296
ADV-2010-0109
http://www.vupen.com/english/advisories/2010/0109
MDVSA-2011:051
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
SUSE-SA:2010:007
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html
SUSE-SA:2010:013
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
[oss-security] 20100113 CVE Request: kernel ebtables perm check
http://www.openwall.com/lists/oss-security/2010/01/14/1
[oss-security] 20100114 Re: CVE Request: kernel ebtables perm check
http://www.openwall.com/lists/oss-security/2010/01/14/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dce766af541f6605fa9889892c0280bab31c66ab
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=555238
kernel-ebtables-security-bypass(55602)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55602
oval:org.mitre.oval:def:9630
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9630
Common Vulnerability Exposure (CVE) ID: CVE-2009-3547
20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel
http://www.securityfocus.com/archive/1/512019/100/0/threaded
36901
http://www.securityfocus.com/bid/36901
37351
http://secunia.com/advisories/37351
38017
http://secunia.com/advisories/38017
38794
http://secunia.com/advisories/38794
38834
http://secunia.com/advisories/38834
ADV-2010-0528
http://www.vupen.com/english/advisories/2010/0528
FEDORA-2009-11038
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html
MDVSA-2009:329
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
RHSA-2009:1540
https://rhn.redhat.com/errata/RHSA-2009-1540.html
RHSA-2009:1541
https://rhn.redhat.com/errata/RHSA-2009-1541.html
RHSA-2009:1548
https://rhn.redhat.com/errata/RHSA-2009-1548.html
RHSA-2009:1550
https://rhn.redhat.com/errata/RHSA-2009-1550.html
RHSA-2009:1672
http://www.redhat.com/support/errata/RHSA-2009-1672.html
SUSE-SA:2009:054
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
SUSE-SA:2009:056
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
SUSE-SA:2010:001
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
USN-864-1
http://www.ubuntu.com/usn/usn-864-1
[linux-kernel] 20091014 fs/pipe.c null pointer dereference
http://lkml.org/lkml/2009/10/14/184
[linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs
http://lkml.org/lkml/2009/10/21/42
[oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference
http://marc.info/?l=oss-security&m=125724568017045&w=2
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6
https://bugzilla.redhat.com/show_bug.cgi?id=530490
oval:org.mitre.oval:def:11513
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513
oval:org.mitre.oval:def:7608
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608
oval:org.mitre.oval:def:9327
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327
Common Vulnerability Exposure (CVE) ID: CVE-2009-3638
36803
http://www.securityfocus.com/bid/36803
[oss-security] 20091023 CVE request: kvm: integer overflow in kvm_dev_ioctl_get_supported_cpuid()
http://marc.info/?l=oss-security&m=125628917011048&w=2
[oss-security] 20091023 Re: CVE request: kvm: integer overflow in kvm_dev_ioctl_get_supported_cpuid()
http://marc.info/?l=oss-security&m=125632898507373&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a54435560efdab1a08f429a954df4d6c740bddf
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=530515
linux-kernel-supportedcpuid-code-execution(53934)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53934
Common Vulnerability Exposure (CVE) ID: CVE-2009-3624
37086
http://secunia.com/advisories/37086
[oss-security] 20091022 CVE request: kernel: get_instantiation_keyring() should inc the keyring refcount in all cases
http://marc.info/?l=oss-security&m=125619420905341&w=2
[oss-security] 20091022 Re: CVE request: kernel: get_instantiation_keyring() should inc the keyring refcount in all cases
http://marc.info/?l=oss-security&m=125624091417161&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21279cfa107af07ef985539ac0de2152b9cba5f5
http://twitter.com/spendergrsec/statuses/4916661870
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc5
Common Vulnerability Exposure (CVE) ID: CVE-2009-3621
37909
http://secunia.com/advisories/37909
RHSA-2009:1670
http://www.redhat.com/support/errata/RHSA-2009-1670.html
RHSA-2009:1671
http://www.redhat.com/support/errata/RHSA-2009-1671.html
SUSE-SA:2009:061
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
SUSE-SA:2009:064
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
[linux-kernel] 20091019 Re: [PATCH] AF_UNIX: Fix deadlock on connecting to shutdown socket
http://lkml.org/lkml/2009/10/19/50
[oss-security] 20091019 CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket
http://www.openwall.com/lists/oss-security/2009/10/19/2
[oss-security] 20091019 Re: CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket
http://www.openwall.com/lists/oss-security/2009/10/19/4
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675
http://patchwork.kernel.org/patch/54678/
https://bugzilla.redhat.com/show_bug.cgi?id=529626
oval:org.mitre.oval:def:6895
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895
oval:org.mitre.oval:def:9921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921
Common Vulnerability Exposure (CVE) ID: CVE-2009-3620
36707
http://secunia.com/advisories/36707
36824
http://www.securityfocus.com/bid/36824
MDVSA-2010:088
http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
RHSA-2010:0882
http://www.redhat.com/support/errata/RHSA-2010-0882.html
[linux-kernel] 20090921 [git pull] drm tree.
http://article.gmane.org/gmane.linux.kernel/892259
[oss-security] 20091019 CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised
http://www.openwall.com/lists/oss-security/2009/10/19/1
[oss-security] 20091019 Re: CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised
http://www.openwall.com/lists/oss-security/2009/10/19/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log
https://bugzilla.redhat.com/show_bug.cgi?id=529597
oval:org.mitre.oval:def:6763
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763
oval:org.mitre.oval:def:9891
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891
Common Vulnerability Exposure (CVE) ID: CVE-2009-3612
[oss-security] 20091014 CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
http://www.openwall.com/lists/oss-security/2009/10/14/2
[oss-security] 20091014 Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
http://www.openwall.com/lists/oss-security/2009/10/15/1
[oss-security] 20091014 Re: CVE request: kernel: tc: uninitialised kernel memory leak
http://www.openwall.com/lists/oss-security/2009/10/14/1
[oss-security] 20091015 Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
http://www.openwall.com/lists/oss-security/2009/10/15/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad61df918c44316940404891d5082c63e79c256a
http://patchwork.ozlabs.org/patch/35412/
https://bugzilla.redhat.com/show_bug.cgi?id=528868
oval:org.mitre.oval:def:10395
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10395
oval:org.mitre.oval:def:7557
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7557
Common Vulnerability Exposure (CVE) ID: CVE-2009-2909
36635
http://www.securityfocus.com/bid/36635
37075
http://secunia.com/advisories/37075
FEDORA-2009-10525
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html
[linux-kernel] 20091002 [071/136] net ax25: Fix signed comparison in the sockopt handler
http://article.gmane.org/gmane.linux.kernel/896907
[oss-security] 20091007 More kernel CVE info (CVE-2009-2909)
http://marc.info/?l=oss-security&m=125494119617994&w=2
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=b7058842c940ad2c08dd829b21e5c92ebe3b8758
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2
https://bugzilla.redhat.com/show_bug.cgi?id=528887
Common Vulnerability Exposure (CVE) ID: CVE-2009-2908
36639
http://www.securityfocus.com/bid/36639
37105
http://secunia.com/advisories/37105
USN-852-1
http://www.ubuntu.com/usn/USN-852-1
[oss-security] 20091006 Kernel ecryptfs CVE id (CVE-2009-2908)
http://www.openwall.com/lists/oss-security/2009/10/06/1
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git%3Ba=commit%3Bh=afc2b6932f48f200736d3e36ad66fee0ec733136
https://bugs.launchpad.net/ecryptfs/+bug/387073
https://bugzilla.redhat.com/show_bug.cgi?id=527534
kernel-ecryptfs-dos(53693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53693
oval:org.mitre.oval:def:10216
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10216
oval:org.mitre.oval:def:6992
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6992
Common Vulnerability Exposure (CVE) ID: CVE-2009-2903
36379
http://www.securityfocus.com/bid/36379
[oss-security] 20090914 CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams
http://www.openwall.com/lists/oss-security/2009/09/14/1
[oss-security] 20090914 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams
http://www.openwall.com/lists/oss-security/2009/09/14/2
[oss-security] 20090917 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
https://bugzilla.redhat.com/show_bug.cgi?id=522331
Common Vulnerability Exposure (CVE) ID: CVE-2009-3290
http://www.openwall.com/lists/oss-security/2009/09/18/1
http://www.openwall.com/lists/oss-security/2009/09/21/1
http://www.openwall.com/lists/oss-security/2009/09/22/8
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11328
http://www.redhat.com/support/errata/RHSA-2009-1465.html
Common Vulnerability Exposure (CVE) ID: CVE-2009-2847
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.exploit-db.com/exploits/9352
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
http://www.openwall.com/lists/oss-security/2009/08/04/1
http://www.openwall.com/lists/oss-security/2009/08/05/1
http://www.openwall.com/lists/oss-security/2009/08/26/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405
RedHat Security Advisories: RHSA-2009:1243
http://rhn.redhat.com/errata/RHSA-2009-1243.html
http://www.redhat.com/support/errata/RHSA-2009-1438.html
http://secunia.com/advisories/36136
http://secunia.com/advisories/36501
http://secunia.com/advisories/36562
http://secunia.com/advisories/36759
http://secunia.com/advisories/37471
http://www.vupen.com/english/advisories/2009/3316
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.