Test ID:	1.3.6.1.4.1.25623.1.0.70965
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1236-1 (linux-image-2.6.24-29-386)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to linux-image-2.6.24-29-386 announced via advisory USN-1236-1. Details: It was discovered that the Auerswald usb driver incorrectly handled lengths of the USB string descriptors. A local attacker with physical access could insert a specially crafted USB device and gain root privileges. (CVE-2009-4067) It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. (CVE-2011-1573) Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494) Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2495) Dan Kaminsky discovered that the kernel incorrectly handled random sequence number generation. An attacker could use this flaw to possibly predict sequence numbers and inject packets. (CVE-2011-3188) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 8.04 LTS: linux-image-2.6.24-29-386 2.6.24-29.95 linux-image-2.6.24-29-generic 2.6.24-29.95 linux-image-2.6.24-29-hppa32 2.6.24-29.95 linux-image-2.6.24-29-hppa64 2.6.24-29.95 linux-image-2.6.24-29-itanium 2.6.24-29.95 linux-image-2.6.24-29-lpia 2.6.24-29.95 linux-image-2.6.24-29-lpiacompat 2.6.24-29.95 linux-image-2.6.24-29-mckinley 2.6.24-29.95 linux-image-2.6.24-29-openvz 2.6.24-29.95 linux-image-2.6.24-29-powerpc 2.6.24-29.95 linux-image-2.6.24-29-powerpc-smp 2.6.24-29.95 linux-image-2.6.24-29-powerpc64-smp 2.6.24-29.95 linux-image-2.6.24-29-rt 2.6.24-29.95 linux-image-2.6.24-29-server 2.6.24-29.95 linux-image-2.6.24-29-sparc64 2.6.24-29.95 linux-image-2.6.24-29-sparc64-smp 2.6.24-29.95 linux-image-2.6.24-29-virtual 2.6.24-29.95 linux-image-2.6.24-29-xen 2.6.24-29.95 http://www.securityspace.com/smysecure/catid.html?in=USN-1236-1 CVSS Score: 5.0 CVSS Vector: AV:L/AC:L/Au:NR/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4067 http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf https://bugzilla.redhat.com/show_bug.cgi?id=722393 Common Vulnerability Exposure (CVE) ID: CVE-2011-1573 RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html [oss-security] 20110411 CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set http://openwall.com/lists/oss-security/2011/04/11/4 [oss-security] 20110411 Re: CVE request - kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set http://openwall.com/lists/oss-security/2011/04/11/12 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8170c35e738d62e9919ce5b109cf4ed66e95bde http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.34 https://bugzilla.redhat.com/show_bug.cgi?id=695383 Common Vulnerability Exposure (CVE) ID: CVE-2011-2494 48898 http://secunia.com/advisories/48898 SUSE-SU-2012:0554 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html [oss-security] 20110627 Re: CVE request: kernel: taskstats/procfs io infoleak http://www.openwall.com/lists/oss-security/2011/06/27/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a51410abe7d0ee4b1d112780f46df87d3621043 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 https://bugzilla.redhat.com/show_bug.cgi?id=716842 https://github.com/torvalds/linux/commit/1a51410abe7d0ee4b1d112780f46df87d3621043 Common Vulnerability Exposure (CVE) ID: CVE-2011-2495 RHSA-2011:1212 http://rhn.redhat.com/errata/RHSA-2011-1212.html http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1d1221f375c94ef961ba8574ac4f85c8870ddd51 https://bugzilla.redhat.com/show_bug.cgi?id=716825 https://github.com/torvalds/linux/commit/1d1221f375c94ef961ba8574ac4f85c8870ddd51 Common Vulnerability Exposure (CVE) ID: CVE-2011-3188 HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 [oss-security] 20110823 Re: CVE request: kernel: change in how tcp seq numbers are generated http://www.openwall.com/lists/oss-security/2011/08/23/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc0b96b54a21246e377122d54569eef71cec535f https://bugzilla.redhat.com/show_bug.cgi?id=732658 https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f https://support.f5.com/csp/article/K15301?utm_source=f5support&amp%3Butm_medium=RSS
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.