Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.67903
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2010:0661
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2010:0661.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* when an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)

Red Hat would like to thank the X.Org security team for reporting this
issue. Upstream acknowledges Rafal Wojtczuk as the original reporter.

Users should upgrade to these updated packages, which contain backported
patches to correct this issue. The system must be rebooted for this update
to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0661.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-2240
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/517739/100/0/threaded
Debian Security Information: DSA-2094 (Google Search)
http://www.debian.org/security/2010/dsa-2094
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
http://www.redhat.com/support/errata/RHSA-2010-0660.html
RedHat Security Advisories: RHSA-2010:0661
https://rhn.redhat.com/errata/RHSA-2010-0661.html
http://www.redhat.com/support/errata/RHSA-2010-0670.html
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://securitytracker.com/id?1024344
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.