Test ID:	1.3.6.1.4.1.25623.1.0.67907
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2010:0677
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2010:0677. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * When an application has a stack overflow, the stack could silently overwrite another memory mapped area instead of a segmentation fault occurring, which could cause an application to execute arbitrary code, possibly leading to privilege escalation. It is known that the X Window System server can be used to trigger this flaw. (CVE-2010-2240, Important) Red Hat would like to thank the X.Org security team for reporting this issue. Upstream acknowledges Rafal Wojtczuk as the original reporter. Users should upgrade to these updated packages, which contain backported patches to correct this issue. The system must be rebooted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0677.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2240 1024344 http://securitytracker.com/id?1024344 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://www.securityfocus.com/archive/1/517739/100/0/threaded DSA-2094 http://www.debian.org/security/2010/dsa-2094 MDVSA-2010:172 http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 RHSA-2010:0660 http://www.redhat.com/support/errata/RHSA-2010-0660.html RHSA-2010:0661 https://rhn.redhat.com/errata/RHSA-2010-0661.html RHSA-2010:0670 http://www.redhat.com/support/errata/RHSA-2010-0670.html RHSA-2010:0882 http://www.redhat.com/support/errata/RHSA-2010-0882.html [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 http://www.vmware.com/security/advisories/VMSA-2011-0007.html http://www.vmware.com/security/advisories/VMSA-2011-0009.html https://bugzilla.redhat.com/show_bug.cgi?id=606611 oval:org.mitre.oval:def:13247 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.