English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70926
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1203-1 (linux-image-2.6.32-218-dove)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to linux-image-2.6.32-218-dove
announced via advisory USN-1203-1.

Details:

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4076, CVE-2010-4077)

Alex Shi and Eric Dumazet discovered that the network stack did not
correctly handle packet backlogs. A remote attacker could exploit this by
sending a large amount of network traffic to cause the system to run out of
memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)

It was discovered that the /proc filesystem did not correctly handle
permission changes when programs executed. A local attacker could hold open
files to examine details about programs running with higher privileges,
potentially increasing the chances of exploiting additional
vulnerabilities. (CVE-2011-1020)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
handle certain fields. If a system was running with Rose enabled, a remote
attacker could send specially crafted traffic to gain root privileges.
(CVE-2011-1493)

Timo Warns discovered that the GUID partition parsing routines did not
correctly validate certain structures. A local attacker with physical
access could plug in a specially crafted block device to crash the system,
leading to a denial of service. (CVE-2011-1577)

Dan Rosenberg discovered that the IPv4 diagnostic routines did not
correctly validate certain requests. A local attacker could exploit this to
consume CPU resources, leading to a denial of service. (CVE-2011-2213)

Vasiliy Kulikov discovered that taskstats listeners were not correctly
handled. A local attacker could expoit this to exhaust memory and CPU
resources, leading to a denial of service. (CVE-2011-2484)

It was discovered that Bluetooth l2cap and rfcomm did not correctly
initialize structures. A local attacker could exploit this to read portions
of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)

Mauro Carvalho Chehab discovered that the si4713 radio driver did not
correctly check the length of memory copies. If this hardware was
available, a local attacker could exploit this to crash the system or gain
root privileges. (CVE-2011-2700)

Herbert Xu discovered that certain fields were incorrectly handled when
Generic Receive Offload (GRO) is enabled. If a system was running with GRO
enabled, a remote attacker could send specially crafted traffic to crash
the system, leading to a denial of service. (CVE-2011-2723)

The performance counter subsystem did not correctly handle certain
counters. A local attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2011-2918)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-218-dove 2.6.32-218.36

http://www.securityspace.com/smysecure/catid.html?in=USN-1203-1

CVSS Score:
6.1

CVSS Vector:
AV:L/AC:L/Au:NR/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-4076
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d281da7ff6f70efca0553c288bb883e8605b3862
http://lkml.org/lkml/2010/9/15/389
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/06/6
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/25/3
Common Vulnerability Exposure (CVE) ID: CVE-2010-4077
BugTraq ID: 45059
http://www.securityfocus.com/bid/45059
http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://secunia.com/advisories/42890
http://securityreason.com/securityalert/8129
Common Vulnerability Exposure (CVE) ID: CVE-2010-4251
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
46397
http://secunia.com/advisories/46397
46637
http://www.securityfocus.com/bid/46637
[netdev] 20100302 [PATCH 1/8] net: add limit for socket backlog
http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=657303
Common Vulnerability Exposure (CVE) ID: CVE-2010-4805
BugTraq ID: 46637
Common Vulnerability Exposure (CVE) ID: CVE-2011-1020
20110122 Proc filesystem and SUID-Binaries
http://seclists.org/fulldisclosure/2011/Jan/421
43496
http://secunia.com/advisories/43496
46567
http://www.securityfocus.com/bid/46567
8107
http://securityreason.com/securityalert/8107
[linux-kernel] 20110207 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/414
https://lkml.org/lkml/2011/2/7/474
[linux-kernel] 20110207 [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/368
[linux-kernel] 20110208 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/7/404
https://lkml.org/lkml/2011/2/7/466
[linux-kernel] 20110209 Re: [SECURITY] /proc/$pid/ leaks contents across setuid exec
https://lkml.org/lkml/2011/2/10/21
https://lkml.org/lkml/2011/2/9/417
[oss-security] 20110224 CVE request: kernel: /proc/$pid/ leaks contents across setuid exec
http://openwall.com/lists/oss-security/2011/02/24/18
[oss-security] 20110225 Re: CVE request: kernel: /proc/$pid/ leaks contents across setuid exec
http://openwall.com/lists/oss-security/2011/02/25/2
http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/
kernel-procpid-security-bypass(65693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65693
Common Vulnerability Exposure (CVE) ID: CVE-2011-1493
SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[oss-security] 20110405 Re: CVE request: kernel: multiple issues in ROSE
http://www.openwall.com/lists/oss-security/2011/04/05/19
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8
https://bugzilla.redhat.com/show_bug.cgi?id=770777
https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8
Common Vulnerability Exposure (CVE) ID: CVE-2011-1577
1025355
http://securitytracker.com/id?1025355
20110413 [PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel
http://www.securityfocus.com/archive/1/517477/100/0/threaded
47343
http://www.securityfocus.com/bid/47343
8238
http://securityreason.com/securityalert/8238
FEDORA-2011-7823
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
[mm-commits] 20110412 + fs-partitions-efic-corrupted-guid-partition-tables-can-cause-kernel-oops.patch added to -mm tree
http://www.spinics.net/lists/mm-commits/msg83274.html
[oss-security] 20110412 CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops
http://openwall.com/lists/oss-security/2011/04/12/17
[oss-security] 20110413 Re: CVE Request: kernel: fs/partitions: Corrupted GUID partition tables can cause kernel oops
http://openwall.com/lists/oss-security/2011/04/13/1
http://downloads.avaya.com/css/P8/documents/100145416
https://bugzilla.redhat.com/show_bug.cgi?id=695976
kernel-guid-dos(66773)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Common Vulnerability Exposure (CVE) ID: CVE-2011-2213
HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
[netdev] 20110601 Re: inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197208
[netdev] 20110601 inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197206
[netdev] 20110603 Re: inet_diag insufficient validation?
http://article.gmane.org/gmane.linux.network/197386
[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()
http://article.gmane.org/gmane.linux.network/198809
[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()
http://www.openwall.com/lists/oss-security/2011/06/20/1
[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()
http://www.openwall.com/lists/oss-security/2011/06/20/13
http://www.openwall.com/lists/oss-security/2011/06/20/16
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d
http://patchwork.ozlabs.org/patch/100857/
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3
https://bugzilla.redhat.com/show_bug.cgi?id=714536
Common Vulnerability Exposure (CVE) ID: CVE-2011-2484
48383
http://www.securityfocus.com/bid/48383
[linux-kernel] 20110616 [PATCH] taskstats: don't allow duplicate entries in listener mode
http://lists.openwall.net/linux-kernel/2011/06/16/605
[oss-security] 20110622 CVE request: kernel: taskstats local DoS
http://openwall.com/lists/oss-security/2011/06/22/1
[oss-security] 20110622 Re: CVE request: kernel: taskstats local DoS
http://openwall.com/lists/oss-security/2011/06/22/2
https://bugzilla.redhat.com/show_bug.cgi?id=715436
kernel-taskstats-dos(68150)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68150
Common Vulnerability Exposure (CVE) ID: CVE-2011-2492
1025778
http://securitytracker.com/id?1025778
[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
http://permalink.gmane.org/gmane.linux.bluez.kernel/12909
[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
http://www.openwall.com/lists/oss-security/2011/06/24/2
[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
http://www.openwall.com/lists/oss-security/2011/06/24/3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f
http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4
https://bugzilla.redhat.com/show_bug.cgi?id=703019
Common Vulnerability Exposure (CVE) ID: CVE-2011-2700
48804
http://www.securityfocus.com/bid/48804
[oss-security] 20110720 CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713
http://openwall.com/lists/oss-security/2011/07/20/4
[oss-security] 20110720 Re: CVE request: kernel: si4713-i2c: avoid potential buffer overflow on si4713
http://openwall.com/lists/oss-security/2011/07/20/6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dc6b845044ccb7e9e6f3b7e71bd179b3cf0223b6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4
http://xorl.wordpress.com/2011/07/24/cve-2011-2700-linux-kernel-si4713-i2c-buffer-overflow/
Common Vulnerability Exposure (CVE) ID: CVE-2011-2723
1025876
http://securitytracker.com/id?1025876
48929
http://www.securityfocus.com/bid/48929
RHSA-2011:1321
http://www.redhat.com/support/errata/RHSA-2011-1321.html
[oss-security] 20110728 CVE request: kernel: gro: Only reset frag0 when skb can be pulled
http://openwall.com/lists/oss-security/2011/07/28/13
[oss-security] 20110729 Re: CVE request: kernel: gro: Only reset frag0 when skb can be pulled
http://openwall.com/lists/oss-security/2011/07/29/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17dd759c67f21e34f2156abcf415e1f60605a188
https://bugzilla.redhat.com/show_bug.cgi?id=726552
Common Vulnerability Exposure (CVE) ID: CVE-2011-2918
[oss-security] 20110816 Re: CVE request -- kernel: perf: fix software event overflow
http://www.openwall.com/lists/oss-security/2011/08/16/1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
https://bugzilla.redhat.com/show_bug.cgi?id=730706
https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.