Test ID:	1.3.6.1.4.1.25623.1.0.66898
Category:	Fedora Local Security Checks
Title:	Fedora Core 11 FEDORA-2010-1500 (kernel)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kernel announced via advisory FEDORA-2010-1500. Update Information: Kernel security update for Fedora 11: CVE-2009-4141 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538 CVE-2010-0307 Bugs: 559100 kernel: tty->pgrp races 521265 oops in VIA padlock driver References: [ 1 ] Bug #560547 - CVE-2010-0307 kernel: DoS on x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=560547 [ 2 ] Bug #559100 - kernel: tty->pgrp races https://bugzilla.redhat.com/show_bug.cgi?id=559100 [ 3 ] Bug #550907 - CVE-2009-4537 kernel: r8169 issue reported at 26c3 https://bugzilla.redhat.com/show_bug.cgi?id=550907 [ 4 ] Bug #552126 - CVE-2009-4536 kernel: e1000 issue reported at 26c3 https://bugzilla.redhat.com/show_bug.cgi?id=552126 [ 5 ] Bug #551214 - CVE-2009-4538 kernel: e1000e frame fragment issue https://bugzilla.redhat.com/show_bug.cgi?id=551214 [ 6 ] Bug #547906 - CVE-2009-4141 kernel: create_elf_tables can leave urandom in a bad state https://bugzilla.redhat.com/show_bug.cgi?id=547906 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update kernel' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-1500 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4141 20100114 Locked fasync file descriptors can be referenced after free in >= 2.6.28 http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0252.html 37806 http://www.securityfocus.com/bid/37806 38199 http://secunia.com/advisories/38199 39033 http://secunia.com/advisories/39033 RHSA-2010:0046 https://rhn.redhat.com/errata/RHSA-2010-0046.html RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html RHSA-2010:0161 http://www.redhat.com/support/errata/RHSA-2010-0161.html SUSE-SA:2010:010 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53281b6d34d44308372d16acb7fb5327609f68b6 http://lock.cmpxchg8b.com/5ebe2294ecd0e0f08eab7690d2a6ee69/create_elf_tables.c http://support.avaya.com/css/P8/documents/100073666 http://twitter.com/taviso/statuses/7744108017 http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.33-rc4-git1.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=547906 oval:org.mitre.oval:def:7054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7054 oval:org.mitre.oval:def:9201 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9201 Common Vulnerability Exposure (CVE) ID: CVE-2009-4536 BugTraq ID: 37519 http://www.securityfocus.com/bid/37519 Debian Security Information: DSA-1996 (Google Search) http://www.debian.org/security/2010/dsa-1996 Debian Security Information: DSA-2005 (Google Search) http://www.debian.org/security/2010/dsa-2005 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/ http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html http://www.openwall.com/lists/oss-security/2009/12/28/1 http://www.openwall.com/lists/oss-security/2009/12/29/2 http://www.openwall.com/lists/oss-security/2009/12/31/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453 http://www.redhat.com/support/errata/RHSA-2010-0019.html http://www.redhat.com/support/errata/RHSA-2010-0020.html http://www.redhat.com/support/errata/RHSA-2010-0041.html http://www.redhat.com/support/errata/RHSA-2010-0053.html RedHat Security Advisories: RHSA-2010:0095 http://www.redhat.com/support/errata/RHSA-2010-0111.html http://www.redhat.com/support/errata/RHSA-2010-0882.html http://securitytracker.com/id?1023420 http://secunia.com/advisories/35265 http://secunia.com/advisories/38031 http://secunia.com/advisories/38276 http://secunia.com/advisories/38296 http://secunia.com/advisories/38492 http://secunia.com/advisories/38610 http://secunia.com/advisories/38779 SuSE Security Announcement: SUSE-SA:2010:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html SuSE Security Announcement: SUSE-SA:2010:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html SuSE Security Announcement: SUSE-SA:2010:010 (Google Search) SuSE Security Announcement: SUSE-SA:2010:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html SuSE Security Announcement: SUSE-SA:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html SuSE Security Announcement: SUSE-SA:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html XForce ISS Database: kernel-e1000main-security-bypass(55648) https://exchange.xforce.ibmcloud.com/vulnerabilities/55648 Common Vulnerability Exposure (CVE) ID: CVE-2009-4537 BugTraq ID: 37521 http://www.securityfocus.com/bid/37521 Debian Security Information: DSA-2053 (Google Search) http://www.debian.org/security/2010/dsa-2053 http://twitter.com/dakami/statuses/7104238406 http://marc.info/?l=linux-netdev&m=126202972828626&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439 http://securitytracker.com/id?1023419 http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/40645 SuSE Security Announcement: SUSE-SA:2010:023 (Google Search) http://www.novell.com/linux/security/advisories/2010_23_kernel.html SuSE Security Announcement: SUSE-SA:2010:031 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://www.vupen.com/english/advisories/2010/1857 XForce ISS Database: kernel-r8169-dos(55647) https://exchange.xforce.ibmcloud.com/vulnerabilities/55647 Common Vulnerability Exposure (CVE) ID: CVE-2009-4538 BugTraq ID: 37523 http://www.securityfocus.com/bid/37523 http://www.mandriva.com/security/advisories?name=MDVSA-2010:066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9702 XForce ISS Database: kernel-edriver-unspecified(55645) https://exchange.xforce.ibmcloud.com/vulnerabilities/55645 Common Vulnerability Exposure (CVE) ID: CVE-2010-0307 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 38027 http://www.securityfocus.com/bid/38027 38492 38779 38922 http://secunia.com/advisories/38922 39649 http://secunia.com/advisories/39649 43315 http://secunia.com/advisories/43315 ADV-2010-0638 http://www.vupen.com/english/advisories/2010/0638 DSA-1996 FEDORA-2010-1787 MDVSA-2010:066 RHSA-2010:0146 https://rhn.redhat.com/errata/RHSA-2010-0146.html RHSA-2010:0398 http://www.redhat.com/support/errata/RHSA-2010-0398.html RHSA-2010:0771 http://www.redhat.com/support/errata/RHSA-2010-0771.html SUSE-SA:2010:014 USN-914-1 http://www.ubuntu.com/usn/USN-914-1 [linux-mm] 20100128 DoS on x86_64 http://marc.info/?l=linux-mm&m=126466407724382&w=2 [oss-security] 20100201 CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/01/1 [oss-security] 20100201 Re: CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/01/5 [oss-security] 20100203 Re: CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/04/1 [oss-security] 20100204 Re: CVE request - kernel: DoS on x86_64 http://www.openwall.com/lists/oss-security/2010/02/04/9 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=221af7f87b97431e3ee21ce4b0e77d5411cf1549 http://marc.info/?t=126466700200002&r=1&w=2 http://support.avaya.com/css/P8/documents/100088287 http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of%2C20100202%2C15754.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8 http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://bugzilla.redhat.com/show_bug.cgi?id=560547 oval:org.mitre.oval:def:10870 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10870 Common Vulnerability Exposure (CVE) ID: CVE-2010-0003 37724 http://www.securityfocus.com/bid/37724 38333 http://secunia.com/advisories/38333 DSA-2005 FEDORA-2010-0919 http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html RHSA-2010:0147 http://www.redhat.com/support/errata/RHSA-2010-0147.html SUSE-SA:2010:012 [oss-security] 20100112 CVE request - kernel: infoleak if print-fatal-signals=1 http://www.openwall.com/lists/oss-security/2010/01/12/1 [oss-security] 20100113 Re: CVE request - kernel: infoleak if print-fatal-signals=1 http://www.openwall.com/lists/oss-security/2010/01/13/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0 http://patchwork.kernel.org/patch/69752/ http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4 https://bugzilla.redhat.com/show_bug.cgi?id=554578 oval:org.mitre.oval:def:10550 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550 Common Vulnerability Exposure (CVE) ID: CVE-2010-0007 37762 http://www.securityfocus.com/bid/37762 38133 http://secunia.com/advisories/38133 38296 ADV-2010-0109 http://www.vupen.com/english/advisories/2010/0109 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 SUSE-SA:2010:007 SUSE-SA:2010:013 [oss-security] 20100113 CVE Request: kernel ebtables perm check http://www.openwall.com/lists/oss-security/2010/01/14/1 [oss-security] 20100114 Re: CVE Request: kernel ebtables perm check http://www.openwall.com/lists/oss-security/2010/01/14/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dce766af541f6605fa9889892c0280bab31c66ab http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=555238 kernel-ebtables-security-bypass(55602) https://exchange.xforce.ibmcloud.com/vulnerabilities/55602 oval:org.mitre.oval:def:9630 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9630 Common Vulnerability Exposure (CVE) ID: CVE-2010-0006 37810 http://www.securityfocus.com/bid/37810 38168 http://secunia.com/advisories/38168 61876 http://www.osvdb.org/61876 [linux-netdev] 20100114 [PATCH]: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo(). http://marc.info/?l=linux-netdev&m=126343325807340&w=2 [oss-security] 20100114 CVE-2010-0006 - kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo() http://www.openwall.com/lists/oss-security/2010/01/14/2 http://bugs.gentoo.org/show_bug.cgi?id=300951 http://cert.fi/en/reports/2010/vulnerability341748.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2570a4f5428bcdb1077622342181755741e7fa60 http://security-tracker.debian.org/tracker/CVE-2010-0006 https://bugzilla.redhat.com/show_bug.cgi?id=555217 Common Vulnerability Exposure (CVE) ID: CVE-2009-3547 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel http://www.securityfocus.com/archive/1/512019/100/0/threaded 36901 http://www.securityfocus.com/bid/36901 37351 http://secunia.com/advisories/37351 38017 http://secunia.com/advisories/38017 38794 http://secunia.com/advisories/38794 38834 http://secunia.com/advisories/38834 ADV-2010-0528 http://www.vupen.com/english/advisories/2010/0528 FEDORA-2009-11038 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html MDVSA-2009:329 http://www.mandriva.com/security/advisories?name=MDVSA-2009:329 RHSA-2009:1540 https://rhn.redhat.com/errata/RHSA-2009-1540.html RHSA-2009:1541 https://rhn.redhat.com/errata/RHSA-2009-1541.html RHSA-2009:1548 https://rhn.redhat.com/errata/RHSA-2009-1548.html RHSA-2009:1550 https://rhn.redhat.com/errata/RHSA-2009-1550.html RHSA-2009:1672 http://www.redhat.com/support/errata/RHSA-2009-1672.html SUSE-SA:2009:054 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html SUSE-SA:2009:056 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html SUSE-SA:2010:001 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html USN-864-1 http://www.ubuntu.com/usn/usn-864-1 [linux-kernel] 20091014 fs/pipe.c null pointer dereference http://lkml.org/lkml/2009/10/14/184 [linux-kernel] 20091021 Re: [PATCH v4 1/1]: fs: pipe.c null pointer dereference + really sign off + unmangled diffs http://lkml.org/lkml/2009/10/21/42 [oss-security] 20091103 CVE-2009-3547 kernel: fs: pipe.c null pointer dereference http://marc.info/?l=oss-security&m=125724568017045&w=2 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3960243e55320d74195fb85c975e0a8cc4466c http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc6 https://bugzilla.redhat.com/show_bug.cgi?id=530490 oval:org.mitre.oval:def:11513 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11513 oval:org.mitre.oval:def:7608 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7608 oval:org.mitre.oval:def:9327 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9327 Common Vulnerability Exposure (CVE) ID: CVE-2009-3638 36803 http://www.securityfocus.com/bid/36803 [oss-security] 20091023 CVE request: kvm: integer overflow in kvm_dev_ioctl_get_supported_cpuid() http://marc.info/?l=oss-security&m=125628917011048&w=2 [oss-security] 20091023 Re: CVE request: kvm: integer overflow in kvm_dev_ioctl_get_supported_cpuid() http://marc.info/?l=oss-security&m=125632898507373&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a54435560efdab1a08f429a954df4d6c740bddf http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc4 https://bugzilla.redhat.com/show_bug.cgi?id=530515 linux-kernel-supportedcpuid-code-execution(53934) https://exchange.xforce.ibmcloud.com/vulnerabilities/53934 Common Vulnerability Exposure (CVE) ID: CVE-2009-3624 37086 http://secunia.com/advisories/37086 [oss-security] 20091022 CVE request: kernel: get_instantiation_keyring() should inc the keyring refcount in all cases http://marc.info/?l=oss-security&m=125619420905341&w=2 [oss-security] 20091022 Re: CVE request: kernel: get_instantiation_keyring() should inc the keyring refcount in all cases http://marc.info/?l=oss-security&m=125624091417161&w=2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21279cfa107af07ef985539ac0de2152b9cba5f5 http://twitter.com/spendergrsec/statuses/4916661870 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc5 Common Vulnerability Exposure (CVE) ID: CVE-2009-3621 37909 http://secunia.com/advisories/37909 RHSA-2009:1670 http://www.redhat.com/support/errata/RHSA-2009-1670.html RHSA-2009:1671 http://www.redhat.com/support/errata/RHSA-2009-1671.html SUSE-SA:2009:061 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html SUSE-SA:2009:064 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html [linux-kernel] 20091019 Re: [PATCH] AF_UNIX: Fix deadlock on connecting to shutdown socket http://lkml.org/lkml/2009/10/19/50 [oss-security] 20091019 CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket http://www.openwall.com/lists/oss-security/2009/10/19/2 [oss-security] 20091019 Re: CVE request: kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket http://www.openwall.com/lists/oss-security/2009/10/19/4 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675 http://patchwork.kernel.org/patch/54678/ https://bugzilla.redhat.com/show_bug.cgi?id=529626 oval:org.mitre.oval:def:6895 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895 oval:org.mitre.oval:def:9921 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921 Common Vulnerability Exposure (CVE) ID: CVE-2009-3620 36707 http://secunia.com/advisories/36707 36824 http://www.securityfocus.com/bid/36824 MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 RHSA-2010:0882 [linux-kernel] 20090921 [git pull] drm tree. http://article.gmane.org/gmane.linux.kernel/892259 [oss-security] 20091019 CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised http://www.openwall.com/lists/oss-security/2009/10/19/1 [oss-security] 20091019 Re: CVE request: kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised http://www.openwall.com/lists/oss-security/2009/10/19/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7dc482dfeeeefcfd000d4271c4626937406756d7 http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.31-git11.log https://bugzilla.redhat.com/show_bug.cgi?id=529597 oval:org.mitre.oval:def:6763 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6763 oval:org.mitre.oval:def:9891 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9891 Common Vulnerability Exposure (CVE) ID: CVE-2009-3612 [oss-security] 20091014 CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 http://www.openwall.com/lists/oss-security/2009/10/14/2 [oss-security] 20091014 Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 http://www.openwall.com/lists/oss-security/2009/10/15/1 [oss-security] 20091014 Re: CVE request: kernel: tc: uninitialised kernel memory leak http://www.openwall.com/lists/oss-security/2009/10/14/1 [oss-security] 20091015 Re: CVE request kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7 http://www.openwall.com/lists/oss-security/2009/10/15/3 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad61df918c44316940404891d5082c63e79c256a http://patchwork.ozlabs.org/patch/35412/ https://bugzilla.redhat.com/show_bug.cgi?id=528868 oval:org.mitre.oval:def:10395 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10395 oval:org.mitre.oval:def:7557 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7557 Common Vulnerability Exposure (CVE) ID: CVE-2009-2909 36635 http://www.securityfocus.com/bid/36635 37075 http://secunia.com/advisories/37075 FEDORA-2009-10525 https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html [linux-kernel] 20091002 [071/136] net ax25: Fix signed comparison in the sockopt handler http://article.gmane.org/gmane.linux.kernel/896907 [oss-security] 20091007 More kernel CVE info (CVE-2009-2909) http://marc.info/?l=oss-security&m=125494119617994&w=2 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=b7058842c940ad2c08dd829b21e5c92ebe3b8758 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2 https://bugzilla.redhat.com/show_bug.cgi?id=528887 Common Vulnerability Exposure (CVE) ID: CVE-2009-2908 36639 http://www.securityfocus.com/bid/36639 37105 http://secunia.com/advisories/37105 USN-852-1 http://www.ubuntu.com/usn/USN-852-1 [oss-security] 20091006 Kernel ecryptfs CVE id (CVE-2009-2908) http://www.openwall.com/lists/oss-security/2009/10/06/1 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.31.y.git%3Ba=commit%3Bh=afc2b6932f48f200736d3e36ad66fee0ec733136 https://bugs.launchpad.net/ecryptfs/+bug/387073 https://bugzilla.redhat.com/show_bug.cgi?id=527534 kernel-ecryptfs-dos(53693) https://exchange.xforce.ibmcloud.com/vulnerabilities/53693 oval:org.mitre.oval:def:10216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10216 oval:org.mitre.oval:def:6992 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6992 Common Vulnerability Exposure (CVE) ID: CVE-2009-2903 36379 http://www.securityfocus.com/bid/36379 [oss-security] 20090914 CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams http://www.openwall.com/lists/oss-security/2009/09/14/1 [oss-security] 20090914 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams http://www.openwall.com/lists/oss-security/2009/09/14/2 [oss-security] 20090917 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams http://www.openwall.com/lists/oss-security/2009/09/17/11 http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414 https://bugzilla.redhat.com/show_bug.cgi?id=522331 Common Vulnerability Exposure (CVE) ID: CVE-2009-3290 http://www.openwall.com/lists/oss-security/2009/09/18/1 http://www.openwall.com/lists/oss-security/2009/09/21/1 http://www.openwall.com/lists/oss-security/2009/09/22/8 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11328 http://www.redhat.com/support/errata/RHSA-2009-1465.html Common Vulnerability Exposure (CVE) ID: CVE-2009-2847 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded http://www.exploit-db.com/exploits/9352 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html http://www.openwall.com/lists/oss-security/2009/08/04/1 http://www.openwall.com/lists/oss-security/2009/08/05/1 http://www.openwall.com/lists/oss-security/2009/08/26/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405 RedHat Security Advisories: RHSA-2009:1243 http://rhn.redhat.com/errata/RHSA-2009-1243.html http://www.redhat.com/support/errata/RHSA-2009-1438.html http://secunia.com/advisories/36136 http://secunia.com/advisories/36501 http://secunia.com/advisories/36562 http://secunia.com/advisories/36759 http://secunia.com/advisories/37471 http://www.vupen.com/english/advisories/2009/3316
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.