English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70888
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1168-1 (linux-image-2.6.32-33-386)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to linux-image-2.6.32-33-386
announced via advisory USN-1168-1.

Details:

Timo Warns discovered that the LDM disk partition handling code did not
correctly handle certain values. By inserting a specially crafted disk
device, a local attacker could exploit this to gain root privileges.
(CVE-2011-1017)

Neil Horman discovered that NFSv4 did not correctly handle certain orders
of operation with ACL data. A remote attacker with access to an NFSv4 mount
could exploit this to crash the system, leading to a denial of service.
(CVE-2011-1090)

Timo Warns discovered that OSF partition parsing routines did not correctly
clear memory. A local attacker with physical access could plug in a
specially crafted block device to read kernel memory, leading to a loss of
privacy. (CVE-2011-1163)

Dan Rosenberg discovered that MPT devices did not correctly validate
certain values in ioctl calls. If these drivers were loaded, a local
attacker could exploit this to read arbitrary kernel memory, leading to a
loss of privacy. (CVE-2011-1494, CVE-2011-1495)

Tavis Ormandy discovered that the pidmap function did not correctly handle
large requests. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2011-1593)

Oliver Hartkopp and Dave Jones discovered that the CAN network driver did
not correctly validate certain socket structures. If this driver was
loaded, a local attacker could crash the system, leading to a denial of
service. (CVE-2011-1598, CVE-2011-1748)

Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl
values. A local attacker with access to the video subsystem could exploit
this to crash the system, leading to a denial of service, or possibly gain
root privileges. (CVE-2011-1745, CVE-2011-2022)

Vasiliy Kulikov discovered that the AGP driver did not check the size of
certain memory allocations. A local attacker with access to the video
subsystem could exploit this to run the system out of memory, leading to a
denial of service. (CVE-2011-1746, CVE-2011-1747)

Dan Rosenberg discovered that the DCCP stack did not correctly handle
certain packet structures. A remote attacker could exploit this to crash
the system, leading to a denial of service. (CVE-2011-1770)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-33-386 2.6.32-33.70
linux-image-2.6.32-33-generic 2.6.32-33.70
linux-image-2.6.32-33-generic-pae 2.6.32-33.70
linux-image-2.6.32-33-ia64 2.6.32-33.70
linux-image-2.6.32-33-lpia 2.6.32-33.70
linux-image-2.6.32-33-powerpc 2.6.32-33.70
linux-image-2.6.32-33-powerpc-smp 2.6.32-33.70
linux-image-2.6.32-33-powerpc64-smp 2.6.32-33.70
linux-image-2.6.32-33-preempt 2.6.32-33.70
linux-image-2.6.32-33-server 2.6.32-33.70
linux-image-2.6.32-33-sparc64 2.6.32-33.70
linux-image-2.6.32-33-sparc64-smp 2.6.32-33.70
linux-image-2.6.32-33-versatile 2.6.32-33.70
linux-image-2.6.32-33-virtual 2.6.32-33.70

http://www.securityspace.com/smysecure/catid.html?in=USN-1168-1

CVSS Score:
7.8

CVSS Vector:
AV:L/AC:L/Au:NR/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1017
BugTraq ID: 46512
http://www.securityfocus.com/bid/46512
Bugtraq: 20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables (Google Search)
http://www.securityfocus.com/archive/1/516615/100/0/threaded
http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt
http://openwall.com/lists/oss-security/2011/02/23/16
http://openwall.com/lists/oss-security/2011/02/24/4
http://openwall.com/lists/oss-security/2011/02/24/14
http://securitytracker.com/id?1025128
http://secunia.com/advisories/43716
http://secunia.com/advisories/43738
http://securityreason.com/securityalert/8115
http://www.ubuntu.com/usn/USN-1146-1
Common Vulnerability Exposure (CVE) ID: CVE-2011-1090
1025336
http://securitytracker.com/id?1025336
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
46397
http://secunia.com/advisories/46397
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[oss-security] 20110307 CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab
http://openwall.com/lists/oss-security/2011/03/07/2
[oss-security] 20110307 Re: CVE request - kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab
http://openwall.com/lists/oss-security/2011/03/07/12
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e9e3d724e2145f5039b423c290ce2b2c3d8f94bc
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=682641
Common Vulnerability Exposure (CVE) ID: CVE-2011-1163
1025225
http://securitytracker.com/id?1025225
20110317 [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel
http://www.securityfocus.com/archive/1/517050
46878
http://www.securityfocus.com/bid/46878
8189
http://securityreason.com/securityalert/8189
RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
[mm-commits] 20110314 + fs-partitions-osfc-corrupted-osf-partition-table-can-cause-information-disclosure.patch added to -mm tree
http://www.spinics.net/lists/mm-commits/msg82737.html
[oss-security] 20110315 CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure
http://openwall.com/lists/oss-security/2011/03/15/9
[oss-security] 20110315 Re: CVE Request: kernel: fs/partitions: Corrupted OSF partition table can cause information disclosure
http://openwall.com/lists/oss-security/2011/03/15/14
http://downloads.avaya.com/css/P8/documents/100145416
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1eafbfeb7bdf59cfe173304c76188f3fd5f1fd05
http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt
https://bugzilla.redhat.com/show_bug.cgi?id=688021
Common Vulnerability Exposure (CVE) ID: CVE-2011-1494
47185
http://www.securityfocus.com/bid/47185
[linux-kernel] 20110405 [PATCH] drivers/scsi/mpt2sas: prevent heap overflows and unchecked reads
http://lkml.org/lkml/2011/4/5/327
[oss-security] 20110405 CVE request: kernel: two issues in mpt2sas
http://openwall.com/lists/oss-security/2011/04/05/32
[oss-security] 20110406 Re: CVE request: kernel: two issues in mpt2sas
http://openwall.com/lists/oss-security/2011/04/06/2
https://bugzilla.redhat.com/show_bug.cgi?id=694021
https://patchwork.kernel.org/patch/688021/
Common Vulnerability Exposure (CVE) ID: CVE-2011-1495
Common Vulnerability Exposure (CVE) ID: CVE-2011-1593
1025420
http://securitytracker.com/id?1025420
44164
http://secunia.com/advisories/44164
47497
http://www.securityfocus.com/bid/47497
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
USN-1146-1
[linux-kernel] 20110418 Re: Kernel panic (NULL ptr deref?) in find_ge_pid()/next_pidmap() (via sys_getdents or sys_readdir)
http://groups.google.com/group/fa.linux.kernel/msg/4a28ecb7f755a88d?dmode=source
[oss-security] 20110419 CVE request -- kernel: proc: signedness issue in next_pidmap()
http://openwall.com/lists/oss-security/2011/04/19/1
[oss-security] 20110420 Re: CVE request -- kernel: proc: signedness issue in next_pidmap()
http://openwall.com/lists/oss-security/2011/04/20/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c78193e9c7bcbf25b8237ad0dec82f805c4ea69b
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8bdc59f215e62098bc5b4256fd9928bf27053a1
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.4
https://bugzilla.redhat.com/show_bug.cgi?id=697822
kernel-nextpidmap-dos(66876)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66876
Common Vulnerability Exposure (CVE) ID: CVE-2011-1598
47503
http://www.securityfocus.com/bid/47503
[netdev] 20110420 Add missing socket check in can/bcm release.
http://permalink.gmane.org/gmane.linux.network/192898
[oss-security] 20110420 CVE request: kernel: missing socket check in can/bcm release
http://openwall.com/lists/oss-security/2011/04/20/2
[oss-security] 20110420 Re: CVE request: kernel: missing socket check in can/bcm release
http://openwall.com/lists/oss-security/2011/04/20/6
[oss-security] 20110421 Re: CVE request: kernel: missing socket check in can/bcm release
http://openwall.com/lists/oss-security/2011/04/20/7
http://openwall.com/lists/oss-security/2011/04/21/1
http://openwall.com/lists/oss-security/2011/04/21/2
http://openwall.com/lists/oss-security/2011/04/21/7
[oss-security] 20110422 Re: CVE request: kernel: missing socket check in can/bcm release
http://openwall.com/lists/oss-security/2011/04/22/2
[oss-security] 20110425 Re: CVE request: kernel: missing socket check in can/bcm release
http://openwall.com/lists/oss-security/2011/04/25/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c6914a6f261aca0c9f715f883a353ae7ff51fe83
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc6
https://bugzilla.redhat.com/show_bug.cgi?id=698057
Common Vulnerability Exposure (CVE) ID: CVE-2011-1748
47835
http://www.securityfocus.com/bid/47835
[netdev] 20110420 [PATCH v2] can: add missing socket check in can/raw release
http://permalink.gmane.org/gmane.linux.network/192974
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd
Common Vulnerability Exposure (CVE) ID: CVE-2011-1745
47534
http://www.securityfocus.com/bid/47534
[linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes
https://lkml.org/lkml/2011/4/14/293
[oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp
http://openwall.com/lists/oss-security/2011/04/21/4
[oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp
http://openwall.com/lists/oss-security/2011/04/22/7
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5
https://bugzilla.redhat.com/show_bug.cgi?id=698996
Common Vulnerability Exposure (CVE) ID: CVE-2011-2022
BugTraq ID: 47843
http://www.securityfocus.com/bid/47843
RedHat Security Advisories: RHSA-2011:0927
Common Vulnerability Exposure (CVE) ID: CVE-2011-1746
47535
http://www.securityfocus.com/bid/47535
[linux-kernel] 20110414 [PATCH] char: agp: fix OOM and buffer overflow
https://lkml.org/lkml/2011/4/14/294
[linux-kernel] 20110419 Re: [PATCH] char: agp: fix OOM and buffer overflow
https://lkml.org/lkml/2011/4/19/400
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355
https://bugzilla.redhat.com/show_bug.cgi?id=698998
Common Vulnerability Exposure (CVE) ID: CVE-2011-1747
1025441
http://securitytracker.com/id?1025441
47832
http://www.securityfocus.com/bid/47832
http://openwall.com/lists/oss-security/2011/04/22/10
http://openwall.com/lists/oss-security/2011/04/22/11
http://openwall.com/lists/oss-security/2011/04/22/8
http://openwall.com/lists/oss-security/2011/04/22/9
https://bugzilla.redhat.com/show_bug.cgi?id=698999
Common Vulnerability Exposure (CVE) ID: CVE-2011-1770
1025592
http://www.securitytracker.com/id?1025592
44932
http://secunia.com/advisories/44932
47769
http://www.securityfocus.com/bid/47769
8286
http://securityreason.com/securityalert/8286
FEDORA-2011-7551
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html
FEDORA-2011-7823
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
[linux-kernel] 20110506 Re: [PATCH] dccp: handle invalid feature options length
http://marc.info/?l=linux-kernel&m=130469305815140&w=2
[linux-kernel] 20110506 [PATCH] dccp: handle invalid feature options length
http://marc.info/?l=linux-kernel&m=130468845209036&w=2
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14
https://bugzilla.redhat.com/show_bug.cgi?id=703011
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.