English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70887
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1170-1 (linux-image-2.6.24-29-386)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to linux-image-2.6.24-29-386
announced via advisory USN-1170-1.

Details:

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4076, CVE-2010-4077)

It was discovered that Xen did not correctly handle certain block requests.
A local attacker in a Xen guest could cause the Xen host to use all
available CPU resources, leading to a denial of service. (CVE-2010-4247)

It was discovered that the ICMP stack did not correctly handle certain
unreachable messages. If a remote attacker were able to acquire a socket
lock, they could send specially crafted traffic that would crash the
system, leading to a denial of service. (CVE-2010-4526)

Kees Cook reported that /proc/pid/stat did not correctly filter certain
memory locations. A local attacker could determine the memory layout of
processes in an attempt to increase the chances of a successful memory
corruption exploit. (CVE-2011-0726)

Timo Warns discovered that OSF partition parsing routines did not correctly
clear memory. A local attacker with physical access could plug in a
specially crafted block device to read kernel memory, leading to a loss of
privacy. (CVE-2011-1163)

Timo Warns discovered that the GUID partition parsing routines did not
correctly validate certain structures. A local attacker with physical
access could plug in a specially crafted block device to crash the system,
leading to a denial of service. (CVE-2011-1577)

Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl
values. A local attacker with access to the video subsystem could exploit
this to crash the system, leading to a denial of service, or possibly gain
root privileges. (CVE-2011-1745, CVE-2011-2022)

Vasiliy Kulikov discovered that the AGP driver did not check the size of
certain memory allocations. A local attacker with access to the video
subsystem could exploit this to run the system out of memory, leading to a
denial of service. (CVE-2011-1746, CVE-2011-1747)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 8.04 LTS:
linux-image-2.6.24-29-386 2.6.24-29.91
linux-image-2.6.24-29-generic 2.6.24-29.91
linux-image-2.6.24-29-hppa32 2.6.24-29.91
linux-image-2.6.24-29-hppa64 2.6.24-29.91
linux-image-2.6.24-29-itanium 2.6.24-29.91
linux-image-2.6.24-29-lpia 2.6.24-29.91
linux-image-2.6.24-29-lpiacompat 2.6.24-29.91
linux-image-2.6.24-29-mckinley 2.6.24-29.91
linux-image-2.6.24-29-openvz 2.6.24-29.91
linux-image-2.6.24-29-powerpc 2.6.24-29.91
linux-image-2.6.24-29-powerpc-smp 2.6.24-29.91
linux-image-2.6.24-29-powerpc64-smp 2.6.24-29.91
linux-image-2.6.24-29-rt 2.6.24-29.91
linux-image-2.6.24-29-server 2.6.24-29.91
linux-image-2.6.24-29-sparc64 2.6.24-29.91
linux-image-2.6.24-29-sparc64-smp 2.6.24-29.91
linux-image-2.6.24-29-virtual 2.6.24-29.91
linux-image-2.6.24-29-xen 2.6.24-29.91

http://www.securityspace.com/smysecure/catid.html?in=USN-1170-1

CVSS Score:
7.1

CVSS Vector:
AV:L/AC:H/Au:NR/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-4076
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d281da7ff6f70efca0553c288bb883e8605b3862
http://lkml.org/lkml/2010/9/15/389
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/06/6
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/25/3
Common Vulnerability Exposure (CVE) ID: CVE-2010-4077
BugTraq ID: 45059
http://www.securityfocus.com/bid/45059
http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://secunia.com/advisories/42890
http://securityreason.com/securityalert/8129
Common Vulnerability Exposure (CVE) ID: CVE-2010-4247
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
35093
http://secunia.com/advisories/35093
42789
http://secunia.com/advisories/42789
45029
http://www.securityfocus.com/bid/45029
46397
http://secunia.com/advisories/46397
ADV-2011-0024
http://www.vupen.com/english/advisories/2011/0024
RHSA-2011:0004
http://www.redhat.com/support/errata/RHSA-2011-0004.html
[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback
http://www.openwall.com/lists/oss-security/2010/11/23/1
[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback
http://www.openwall.com/lists/oss-security/2010/11/24/8
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d
https://bugzilla.redhat.com/show_bug.cgi?id=656206
Common Vulnerability Exposure (CVE) ID: CVE-2010-4526
42964
http://secunia.com/advisories/42964
45661
http://www.securityfocus.com/bid/45661
ADV-2011-0169
http://www.vupen.com/english/advisories/2011/0169
RHSA-2011:0163
http://www.redhat.com/support/errata/RHSA-2011-0163.html
[oss-security] 20110104 CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()
http://www.openwall.com/lists/oss-security/2011/01/04/3
[oss-security] 20110104 Re: CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()
http://www.openwall.com/lists/oss-security/2011/01/04/13
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=50b5d6ad63821cea324a5a7a19854d4de1a0a819
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526
kernel-icmp-message-dos(64616)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64616
Common Vulnerability Exposure (CVE) ID: CVE-2011-0726
BugTraq ID: 47791
http://www.securityfocus.com/bid/47791
https://lkml.org/lkml/2011/3/11/380
http://www.spinics.net/lists/mm-commits/msg82726.html
RedHat Security Advisories: RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1163
1025225
http://securitytracker.com/id?1025225
20110317 [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel
http://www.securityfocus.com/archive/1/517050
46878
http://www.securityfocus.com/bid/46878
8189
http://securityreason.com/securityalert/8189
RHSA-2011:0833
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[mm-commits] 20110314 + fs-partitions-osfc-corrupted-osf-partition-table-can-cause-information-disclosure.patch added to -mm tree
http://www.spinics.net/lists/mm-commits/msg82737.html
[oss-security] 20110315 CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure
http://openwall.com/lists/oss-security/2011/03/15/9
[oss-security] 20110315 Re: CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure
http://openwall.com/lists/oss-security/2011/03/15/14
http://downloads.avaya.com/css/P8/documents/100145416
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt
https://bugzilla.redhat.com/show_bug.cgi?id=688021
Common Vulnerability Exposure (CVE) ID: CVE-2011-1577
1025355
http://securitytracker.com/id?1025355
20110413 [PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel
http://www.securityfocus.com/archive/1/517477/100/0/threaded
47343
http://www.securityfocus.com/bid/47343
8238
http://securityreason.com/securityalert/8238
FEDORA-2011-7823
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
[mm-commits] 20110412 + fs-partitions-efic-corrupted-guid-partition-tables-can-cause-kernel-oops.patch added to -mm tree
http://www.spinics.net/lists/mm-commits/msg83274.html
[oss-security] 20110412 CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops
http://openwall.com/lists/oss-security/2011/04/12/17
[oss-security] 20110413 Re: CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops
http://openwall.com/lists/oss-security/2011/04/13/1
https://bugzilla.redhat.com/show_bug.cgi?id=695976
kernel-guid-dos(66773)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Common Vulnerability Exposure (CVE) ID: CVE-2011-1745
47534
http://www.securityfocus.com/bid/47534
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
[linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes
https://lkml.org/lkml/2011/4/14/293
[oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp
http://openwall.com/lists/oss-security/2011/04/21/4
[oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp
http://openwall.com/lists/oss-security/2011/04/22/7
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5
https://bugzilla.redhat.com/show_bug.cgi?id=698996
Common Vulnerability Exposure (CVE) ID: CVE-2011-2022
BugTraq ID: 47843
http://www.securityfocus.com/bid/47843
RedHat Security Advisories: RHSA-2011:0927
Common Vulnerability Exposure (CVE) ID: CVE-2011-1746
47535
http://www.securityfocus.com/bid/47535
[linux-kernel] 20110414 [PATCH] char: agp: fix OOM and buffer overflow
https://lkml.org/lkml/2011/4/14/294
[linux-kernel] 20110419 Re: [PATCH] char: agp: fix OOM and buffer overflow
https://lkml.org/lkml/2011/4/19/400
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355
https://bugzilla.redhat.com/show_bug.cgi?id=698998
Common Vulnerability Exposure (CVE) ID: CVE-2011-1747
1025441
http://securitytracker.com/id?1025441
47832
http://www.securityfocus.com/bid/47832
http://openwall.com/lists/oss-security/2011/04/22/10
http://openwall.com/lists/oss-security/2011/04/22/11
http://openwall.com/lists/oss-security/2011/04/22/8
http://openwall.com/lists/oss-security/2011/04/22/9
https://bugzilla.redhat.com/show_bug.cgi?id=698999
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.