English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70911
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1189-1 (linux-image-2.6.24-29-386)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to linux-image-2.6.24-29-386
announced via advisory USN-1189-1.

Details:

It was discovered that the /proc filesystem did not correctly handle
permission changes when programs executed. A local attacker could hold open
files to examine details about programs running with higher privileges,
potentially increasing the chances of exploiting additional
vulnerabilities. (CVE-2011-1020)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear
memory. A local attacker could exploit this to read kernel stack memory,
leading to a loss of privacy. (CVE-2011-1078)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check
that device name strings were NULL terminated. A local attacker could
exploit this to crash the system, leading to a denial of service, or leak
contents of kernel stack memory, leading to a loss of privacy.
(CVE-2011-1079)

Vasiliy Kulikov discovered that bridge network filtering did not check that
name fields were NULL terminated. A local attacker could exploit this to
leak contents of kernel stack memory, leading to a loss of privacy.
(CVE-2011-1080)

Johan Hovold discovered that the DCCP network stack did not correctly
handle certain packet combinations. A remote attacker could send specially
crafted network traffic that would crash the system, leading to a denial of
service. (CVE-2011-1093)

Peter Huewe discovered that the TPM device did not correctly initialize
memory. A local attacker could exploit this to read kernel heap memory
contents, leading to a loss of privacy. (CVE-2011-1160)

Dan Rosenberg discovered that the IRDA subsystem did not correctly check
certain field sizes. If a system was using IRDA, a remote attacker could
send specially crafted traffic to crash the system or gain root privileges.
(CVE-2011-1180)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
handle certain fields. If a system was running with Rose enabled, a remote
attacker could send specially crafted traffic to gain root privileges.
(CVE-2011-1493)

It was discovered that Bluetooth l2cap and rfcomm did not correctly
initialize structures. A local attacker could exploit this to read portions
of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 8.04 LTS:
linux-image-2.6.24-29-386 2.6.24-29.93
linux-image-2.6.24-29-generic 2.6.24-29.93
linux-image-2.6.24-29-hppa32 2.6.24-29.93
linux-image-2.6.24-29-hppa64 2.6.24-29.93
linux-image-2.6.24-29-itanium 2.6.24-29.93
linux-image-2.6.24-29-lpia 2.6.24-29.93
linux-image-2.6.24-29-lpiacompat 2.6.24-29.93
linux-image-2.6.24-29-mckinley 2.6.24-29.93
linux-image-2.6.24-29-openvz 2.6.24-29.93
linux-image-2.6.24-29-powerpc 2.6.24-29.93
linux-image-2.6.24-29-powerpc-smp 2.6.24-29.93
linux-image-2.6.24-29-powerpc64-smp 2.6.24-29.93
linux-image-2.6.24-29-rt 2.6.24-29.93
linux-image-2.6.24-29-server 2.6.24-29.93
linux-image-2.6.24-29-sparc64 2.6.24-29.93
linux-image-2.6.24-29-sparc64-smp 2.6.24-29.93
linux-image-2.6.24-29-virtual 2.6.24-29.93
linux-image-2.6.24-29-xen 2.6.24-29.93

http://www.securityspace.com/smysecure/catid.html?in=USN-1189-1

CVSS Score:
7.8

CVSS Vector:
AV:L/AC:L/Au:NR/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1020
20110122 Proc filesystem and SUID-Binaries
http://seclists.org/fulldisclosure/2011/Jan/421
43496
http://secunia.com/advisories/43496
46567
http://www.securityfocus.com/bid/46567
8107
http://securityreason.com/securityalert/8107
[linux-kernel] 20110207 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/414
https://lkml.org/lkml/2011/2/7/474
[linux-kernel] 20110207 [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/368
[linux-kernel] 20110208 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/404
https://lkml.org/lkml/2011/2/7/466
[linux-kernel] 20110209 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/10/21
https://lkml.org/lkml/2011/2/9/417
[oss-security] 20110224 CVE request: kernel: /proc/$pid/ leaks contents across setuid exec
http://openwall.com/lists/oss-security/2011/02/24/18
[oss-security] 20110225 Re: CVE request: kernel: /proc/$pid/ leaks contents across setuid exec
http://openwall.com/lists/oss-security/2011/02/25/2
http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/
kernel-procpid-security-bypass(65693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65693
Common Vulnerability Exposure (CVE) ID: CVE-2011-1078
RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
RHSA-2012:1156
http://rhn.redhat.com/errata/RHSA-2012-1156.html
[oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes
http://www.openwall.com/lists/oss-security/2011/03/01/10
http://downloads.avaya.com/css/P8/documents/100145416
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c4c896e1471aec3b004a693c689f60be3b17ac86
https://bugzilla.redhat.com/show_bug.cgi?id=681259
https://github.com/torvalds/linux/commit/c4c896e1471aec3b004a693c689f60be3b17ac86
Common Vulnerability Exposure (CVE) ID: CVE-2011-1079
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=43629f8f5ea32a998d06d1bb41eefa0e821ff573
http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=681260
https://github.com/torvalds/linux/commit/43629f8f5ea32a998d06d1bb41eefa0e821ff573
Common Vulnerability Exposure (CVE) ID: CVE-2011-1080
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d846f71195d57b0bbb143382647c2c6638b04c5a
https://bugzilla.redhat.com/show_bug.cgi?id=681262
https://github.com/torvalds/linux/commit/d846f71195d57b0bbb143382647c2c6638b04c5a
Common Vulnerability Exposure (CVE) ID: CVE-2011-1093
46793
http://www.securityfocus.com/bid/46793
[oss-security] 20110308 CVE request: kernel: dccp: fix oops on Reset after close
http://openwall.com/lists/oss-security/2011/03/08/4
[oss-security] 20110308 Re: CVE request: kernel: dccp: fix oops on Reset after close
http://openwall.com/lists/oss-security/2011/03/08/19
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
https://bugzilla.redhat.com/show_bug.cgi?id=682954
Common Vulnerability Exposure (CVE) ID: CVE-2011-1160
[oss-security] 20110315 Re: CVE requests - kernel: tpm infoleaks
http://www.openwall.com/lists/oss-security/2011/03/15/13
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1309d7afbed112f0e8e90be9af975550caa0076b
https://bugzilla.redhat.com/show_bug.cgi?id=684671
https://github.com/torvalds/linux/commit/1309d7afbed112f0e8e90be9af975550caa0076b
Common Vulnerability Exposure (CVE) ID: CVE-2011-1180
http://www.openwall.com/lists/oss-security/2011/03/22/11
Common Vulnerability Exposure (CVE) ID: CVE-2011-1493
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[oss-security] 20110405 Re: CVE request: kernel: multiple issues in ROSE
http://www.openwall.com/lists/oss-security/2011/04/05/19
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8
https://bugzilla.redhat.com/show_bug.cgi?id=770777
https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8
Common Vulnerability Exposure (CVE) ID: CVE-2011-2492
1025778
http://securitytracker.com/id?1025778
HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
http://permalink.gmane.org/gmane.linux.bluez.kernel/12909
[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
http://www.openwall.com/lists/oss-security/2011/06/24/2
[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
http://www.openwall.com/lists/oss-security/2011/06/24/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f
http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=703019
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.