English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75803 CVE descriptions
and 40037 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69141
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1080-2 (linux-ec2)
Summary:Ubuntu USN-1080-2 (linux-ec2)
Description:The remote host is missing an update to linux-ec2
announced via advisory USN-1080-2.

Details follow:

USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides
the corresponding updates for the Linux kernel for use with EC2.

Original advisory details:

Thomas Pollet discovered that the RDS network protocol did not check
certain iovec buffers. A local attacker could exploit this to crash the
system or possibly execute arbitrary code as the root user. (CVE-2010-3865)

Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did
not correctly clear kernel memory. A local attacker could exploit this to
read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)

Vasiliy Kulikov discovered that the Linux kernel sockets implementation did
not properly initialize certain structures. A local attacker could exploit
this to read kernel stack memory, leading to a loss of privacy.
(CVE-2010-3876)

Vasiliy Kulikov discovered that the TIPC interface did not correctly
initialize certain structures. A local attacker could exploit this to read
kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)

Nelson Elhage discovered that the Linux kernel IPv4 implementation did not
properly audit certain bytecodes in netlink messages. A local attacker
could exploit this to cause the kernel to hang, leading to a denial of
service. (CVE-2010-3880)

It was discovered that multithreaded exec did not handle CPU timers
correctly. A local attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2010-4248)

Krishna Gudipati discovered that the bfa adapter driver did not correctly
initialize certain structures. A local attacker could read files in /sys to
crash the system, leading to a denial of service. (CVE-2010-4343)

Tavis Ormandy discovered that the install_special_mapping function could
bypass the mmap_min_addr restriction. A local attacker could exploit this
to mmap 4096 bytes below the mmap_min_addr area, possibly improving the
chances of performing NULL pointer dereference attacks. (CVE-2010-4346)

It was discovered that the ICMP stack did not correctly handle certain
unreachable messages. If a remote attacker were able to acquire a socket
lock, they could send specially crafted traffic that would crash the
system, leading to a denial of service. (CVE-2010-4526)

Dan Rosenberg discovered that the OSS subsystem did not handle name
termination correctly. A local attacker could exploit this crash the system
or gain root privileges. (CVE-2010-4527)

Dan Carpenter discovered that the Infiniband driver did not correctly
handle certain requests. A local user could exploit this to crash the
system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-313-ec2 2.6.32-313.26

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

http://www.securityspace.com/smysecure/catid.html?in=USN-1080-2

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3865
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/archive/1/520102/100/0/threaded
http://www.spinics.net/lists/netdev/msg145359.html
http://www.spinics.net/lists/netdev/msg145397.html
http://www.openwall.com/lists/oss-security/2010/10/29/1
http://www.openwall.com/lists/oss-security/2010/11/01/1
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
SuSE Security Announcement: SUSE-SA:2010:057 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html
SuSE Security Announcement: SUSE-SA:2011:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
SuSE Security Announcement: SUSE-SA:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
SuSE Security Announcement: SUSE-SA:2011:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
BugTraq ID: 44549
http://www.securityfocus.com/bid/44549
http://secunia.com/advisories/42778
http://secunia.com/advisories/42801
http://secunia.com/advisories/42789
http://secunia.com/advisories/42890
http://secunia.com/advisories/46397
http://www.vupen.com/english/advisories/2011/0012
http://www.vupen.com/english/advisories/2011/0024
http://www.vupen.com/english/advisories/2011/0298
XForce ISS Database: kernel-rdsrdmapages-overflow(62881)
http://xforce.iss.net/xforce/xfdb/62881
Common Vulnerability Exposure (CVE) ID: CVE-2010-3875
http://marc.info/?l=linux-netdev&m=128854507120898&w=2
http://openwall.com/lists/oss-security/2010/11/02/7
http://openwall.com/lists/oss-security/2010/11/04/5
Debian Security Information: DSA-2126 (Google Search)
http://www.debian.org/security/2010/dsa-2126
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
BugTraq ID: 44630
http://www.securityfocus.com/bid/44630
Common Vulnerability Exposure (CVE) ID: CVE-2010-3876
http://marc.info/?l=linux-netdev&m=128854507220908&w=2
http://openwall.com/lists/oss-security/2010/11/02/12
http://openwall.com/lists/oss-security/2010/11/02/10
http://openwall.com/lists/oss-security/2010/11/02/9
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0162.html
http://secunia.com/advisories/42963
http://www.vupen.com/english/advisories/2011/0168
Common Vulnerability Exposure (CVE) ID: CVE-2010-3877
http://marc.info/?l=linux-netdev&m=128854507420917&w=2
http://www.redhat.com/support/errata/RHSA-2011-0017.html
http://secunia.com/advisories/42884
XForce ISS Database: kernel-getname-info-disc(64578)
http://xforce.iss.net/xforce/xfdb/64578
Common Vulnerability Exposure (CVE) ID: CVE-2010-3880
http://www.spinics.net/lists/netdev/msg145899.html
http://openwall.com/lists/oss-security/2010/11/04/9
http://openwall.com/lists/oss-security/2010/11/05/3
BugTraq ID: 44665
http://www.securityfocus.com/bid/44665
http://secunia.com/advisories/42126
Common Vulnerability Exposure (CVE) ID: CVE-2010-4248
http://www.openwall.com/lists/oss-security/2010/11/23/2
http://www.openwall.com/lists/oss-security/2010/11/24/9
BugTraq ID: 45028
http://www.securityfocus.com/bid/45028
Common Vulnerability Exposure (CVE) ID: CVE-2010-4343
http://www.spinics.net/lists/linux-scsi/msg43772.html
http://www.openwall.com/lists/oss-security/2010/12/08/3
http://www.openwall.com/lists/oss-security/2010/12/09/15
BugTraq ID: 45262
http://www.securityfocus.com/bid/45262
Common Vulnerability Exposure (CVE) ID: CVE-2010-4346
https://lkml.org/lkml/2010/12/9/222
http://openwall.com/lists/oss-security/2010/12/09/13
http://openwall.com/lists/oss-security/2010/12/09/12
http://openwall.com/lists/oss-security/2010/12/10/3
http://openwall.com/lists/oss-security/2010/12/10/2
BugTraq ID: 45323
http://www.securityfocus.com/bid/45323
http://secunia.com/advisories/42570
Common Vulnerability Exposure (CVE) ID: CVE-2010-4526
http://www.openwall.com/lists/oss-security/2011/01/04/3
http://www.openwall.com/lists/oss-security/2011/01/04/13
http://www.redhat.com/support/errata/RHSA-2011-0163.html
BugTraq ID: 45661
http://www.securityfocus.com/bid/45661
http://secunia.com/advisories/42964
http://www.vupen.com/english/advisories/2011/0169
XForce ISS Database: kernel-icmp-message-dos(64616)
http://xforce.iss.net/xforce/xfdb/64616
Common Vulnerability Exposure (CVE) ID: CVE-2010-4527
http://openwall.com/lists/oss-security/2010/12/31/1
http://openwall.com/lists/oss-security/2010/12/31/4
http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/
SuSE Security Announcement: SUSE-SA:2011:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
BugTraq ID: 45629
http://www.securityfocus.com/bid/45629
http://secunia.com/advisories/42765
http://secunia.com/advisories/43291
http://www.vupen.com/english/advisories/2011/0375
Common Vulnerability Exposure (CVE) ID: CVE-2010-4649
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
BugTraq ID: 46073
http://www.securityfocus.com/bid/46073
Common Vulnerability Exposure (CVE) ID: CVE-2011-1044
BugTraq ID: 46488
http://www.securityfocus.com/bid/46488
XForce ISS Database: kernel-ibuverbspollcq-info-disclosure(65563)
http://xforce.iss.net/xforce/xfdb/65563
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.