Test ID: 1.3.6.1.4.1.25623.1.0.840802
Category: Ubuntu Local Security Checks
Title: Ubuntu Update for linux-lts-backport-natty USN-1256-1
Summary: Ubuntu Update for Linux kernel vulnerabilities USN-1256-1
Description:
Summary:
Ubuntu Update for Linux kernel vulnerabilities USN-1256-1

Vulnerability Insight:
It was discovered that the /proc filesystem did not correctly handle
permission changes when programs executed. A local attacker could hold open
files to examine details about programs running with higher privileges,
potentially increasing the chances of exploiting additional
vulnerabilities. (CVE-2011-1020)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear
memory. A local attacker could exploit this to read kernel stack memory,
leading to a loss of privacy. (CVE-2011-1078)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check
that device name strings were NULL terminated. A local attacker could
exploit this to crash the system, leading to a denial of service, or leak
contents of kernel stack memory, leading to a loss of privacy.
(CVE-2011-1079)

Vasiliy Kulikov discovered that bridge network filtering did not check that
name fields were NULL terminated. A local attacker could exploit this to
leak contents of kernel stack memory, leading to a loss of privacy.
(CVE-2011-1080)

Johan Hovold discovered that the DCCP network stack did not correctly
handle certain packet combinations. A remote attacker could send specially
crafted network traffic that would crash the system, leading to a denial of
service. (CVE-2011-1093)

Peter Huewe discovered that the TPM device did not correctly initialize
memory. A local attacker could exploit this to read kernel heap memory
contents, leading to a loss of privacy. (CVE-2011-1160)

Dan Rosenberg discovered that the IRDA subsystem did not correctly check
certain field sizes. If a system was using IRDA, a remote attacker could
send specially crafted traffic to crash the system or gain root privileges.
(CVE-2011-1180)

Ryan Sweat discovered that the GRO code did not correctly validate memory.
In some configurations on systems using VLANs, a remote attacker could send
specially crafted traffic to crash the system, leading to a denial of
service. (CVE-2011-1478)

It was discovered that the security fix for CVE-2010-4250 introduced a
regression. A remote attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2011-1479)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
handle certain fields. If a system was running with Rose enabled, a remote
attacker could send specially crafted traffic to gain root privileges.
(CVE-2011-1493)

It was discovered that the Stream Control Transmission Protocol (SCTP)
implementation incorrectly calculated length ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
linux-lts-backport-natty on Ubuntu 10.04 LTS

Solution:
Please install the updated packages.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2011-1020
BugTraq ID: 46567
http://www.securityfocus.com/bid/46567
http://seclists.org/fulldisclosure/2011/Jan/421
http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/
https://lkml.org/lkml/2011/2/7/414
https://lkml.org/lkml/2011/2/7/474
https://lkml.org/lkml/2011/2/7/368
https://lkml.org/lkml/2011/2/7/404
https://lkml.org/lkml/2011/2/7/466
https://lkml.org/lkml/2011/2/10/21
https://lkml.org/lkml/2011/2/9/417
http://openwall.com/lists/oss-security/2011/02/24/18
http://openwall.com/lists/oss-security/2011/02/25/2
http://secunia.com/advisories/43496
http://securityreason.com/securityalert/8107
XForce ISS Database: kernel-procpid-security-bypass(65693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65693
Common Vulnerability Exposure (CVE) ID: CVE-2011-1078
http://www.openwall.com/lists/oss-security/2011/03/01/10
RedHat Security Advisories: RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
RedHat Security Advisories: RHSA-2012:1156
http://rhn.redhat.com/errata/RHSA-2012-1156.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1079
http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1080
Common Vulnerability Exposure (CVE) ID: CVE-2011-1093
BugTraq ID: 46793
http://www.securityfocus.com/bid/46793
http://openwall.com/lists/oss-security/2011/03/08/4
http://openwall.com/lists/oss-security/2011/03/08/19
Common Vulnerability Exposure (CVE) ID: CVE-2011-1160
http://www.openwall.com/lists/oss-security/2011/03/15/13
Common Vulnerability Exposure (CVE) ID: CVE-2011-1180
http://www.openwall.com/lists/oss-security/2011/03/22/11
Common Vulnerability Exposure (CVE) ID: CVE-2011-1478
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://openwall.com/lists/oss-security/2011/03/28/1
http://secunia.com/advisories/46397
http://securityreason.com/securityalert/8480
Common Vulnerability Exposure (CVE) ID: CVE-2010-4250
http://www.openwall.com/lists/oss-security/2010/11/24/11
Common Vulnerability Exposure (CVE) ID: CVE-2011-1479
http://www.openwall.com/lists/oss-security/2011/04/11/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-1493
http://www.openwall.com/lists/oss-security/2011/04/05/19
SuSE Security Announcement: SUSE-SU-2015:0812
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1573
http://openwall.com/lists/oss-security/2011/04/11/4
http://openwall.com/lists/oss-security/2011/04/11/12
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1576
BugTraq ID: 48907
http://www.securityfocus.com/bid/48907
http://www.redhat.com/support/errata/RHSA-2011-1090.html
http://www.redhat.com/support/errata/RHSA-2011-1106.html
http://www.securitytracker.com/id?1025853
Common Vulnerability Exposure (CVE) ID: CVE-2011-1577
BugTraq ID: 47343
http://www.securityfocus.com/bid/47343
Bugtraq: 20110413 [PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel
http://www.securityfocus.com/archive/1/517477/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
http://www.spinics.net/lists/mm-commits/msg83274.html
http://openwall.com/lists/oss-security/2011/04/12/17
http://openwall.com/lists/oss-security/2011/04/13/1
http://securitytracker.com/id?1025355
http://securityreason.com/securityalert/8238
XForce ISS Database: kernel-guid-dos(66773)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Common Vulnerability Exposure (CVE) ID: CVE-2011-1581
http://openwall.com/lists/oss-security/2011/04/13/4
http://openwall.com/lists/oss-security/2011/04/13/16
http://securitytracker.com/id?1025558
Common Vulnerability Exposure (CVE) ID: CVE-2011-1585
http://www.openwall.com/lists/oss-security/2011/04/15/8
Common Vulnerability Exposure (CVE) ID: CVE-2011-1767
http://www.openwall.com/lists/oss-security/2011/05/05/6
Common Vulnerability Exposure (CVE) ID: CVE-2011-1768
Common Vulnerability Exposure (CVE) ID: CVE-2011-1771
http://marc.info/?l=linux-cifs&m=130204730006155&w=2
http://marc.info/?l=linux-cifs&m=130204357001849&w=2
http://www.openwall.com/lists/oss-security/2011/05/09/2
http://securityreason.com/securityalert/8367
Common Vulnerability Exposure (CVE) ID: CVE-2011-1776
BugTraq ID: 47796
http://www.securityfocus.com/bid/47796
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt
http://openwall.com/lists/oss-security/2011/05/10/4
http://securityreason.com/securityalert/8369
Common Vulnerability Exposure (CVE) ID: CVE-2011-1833
SuSE Security Announcement: SUSE-SU-2011:0898
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2183
http://www.openwall.com/lists/oss-security/2011/06/06/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2213
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://article.gmane.org/gmane.linux.network/197208
http://article.gmane.org/gmane.linux.network/197206
http://article.gmane.org/gmane.linux.network/197386
http://article.gmane.org/gmane.linux.network/198809
http://www.openwall.com/lists/oss-security/2011/06/20/1
http://www.openwall.com/lists/oss-security/2011/06/20/13
http://www.openwall.com/lists/oss-security/2011/06/20/16
Common Vulnerability Exposure (CVE) ID: CVE-2011-2479
http://www.openwall.com/lists/oss-security/2011/06/20/14
Common Vulnerability Exposure (CVE) ID: CVE-2011-2484
BugTraq ID: 48383
http://www.securityfocus.com/bid/48383
https://bugzilla.redhat.com/show_bug.cgi?id=715436
http://lists.openwall.net/linux-kernel/2011/06/16/605
http://openwall.com/lists/oss-security/2011/06/22/1
http://openwall.com/lists/oss-security/2011/06/22/2
XForce ISS Database: kernel-taskstats-dos(68150)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68150
Common Vulnerability Exposure (CVE) ID: CVE-2011-2491
http://www.openwall.com/lists/oss-security/2011/06/23/6
RedHat Security Advisories: RHSA-2011:1212
http://rhn.redhat.com/errata/RHSA-2011-1212.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2492
http://permalink.gmane.org/gmane.linux.bluez.kernel/12909
http://www.openwall.com/lists/oss-security/2011/06/24/2
http://www.openwall.com/lists/oss-security/2011/06/24/3
http://securitytracker.com/id?1025778
Common Vulnerability Exposure (CVE) ID: CVE-2011-2493
http://www.openwall.com/lists/oss-security/2011/06/24/4
Common Vulnerability Exposure (CVE) ID: CVE-2011-2494
http://www.openwall.com/lists/oss-security/2011/06/27/1
http://secunia.com/advisories/48898
SuSE Security Announcement: SUSE-SU-2012:0554
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2495
Common Vulnerability Exposure (CVE) ID: CVE-2011-2496
http://www.openwall.com/lists/oss-security/2011/06/27/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-2497
BugTraq ID: 48472
http://www.securityfocus.com/bid/48472
http://marc.info/?l=linux-kernel&m=130891911909436&w=2
http://www.openwall.com/lists/oss-security/2011/06/24/9
http://www.openwall.com/lists/oss-security/2011/06/27/3
http://www.osvdb.org/74679
http://securityreason.com/securityalert/8359
Common Vulnerability Exposure (CVE) ID: CVE-2011-2517
http://www.openwall.com/lists/oss-security/2011/07/01/4
Common Vulnerability Exposure (CVE) ID: CVE-2011-2525
http://kerneltrap.org/mailarchive/linux-netdev/2010/5/21/6277805
http://openwall.com/lists/oss-security/2011/07/12/1
RedHat Security Advisories: RHSA-2011:1065
http://rhn.redhat.com/errata/RHSA-2011-1065.html
RedHat Security Advisories: RHSA-2011:1163
http://rhn.redhat.com/errata/RHSA-2011-1163.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2689
BugTraq ID: 48677
http://www.securityfocus.com/bid/48677
http://www.openwall.com/lists/oss-security/2011/07/13/1
http://securitytracker.com/id?1025776
http://secunia.com/advisories/45193
XForce ISS Database: linux-kernel-gfs2-dos(68557)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68557
Common Vulnerability Exposure (CVE) ID: CVE-2011-2695
http://www.spinics.net/lists/linux-ext4/msg25697.html
http://www.openwall.com/lists/oss-security/2011/07/15/7
http://www.openwall.com/lists/oss-security/2011/07/15/8
Common Vulnerability Exposure (CVE) ID: CVE-2011-2699
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.openwall.com/lists/oss-security/2011/07/20/5
http://www.securitytracker.com/id?1027274
Common Vulnerability Exposure (CVE) ID: CVE-2011-2700
BugTraq ID: 48804
http://www.securityfocus.com/bid/48804
http://xorl.wordpress.com/2011/07/24/cve-2011-2700-linux-kernel-si4713-i2c-buffer-overflow/
http://openwall.com/lists/oss-security/2011/07/20/4
http://openwall.com/lists/oss-security/2011/07/20/6
Common Vulnerability Exposure (CVE) ID: CVE-2011-2723
BugTraq ID: 48929
http://www.securityfocus.com/bid/48929
http://openwall.com/lists/oss-security/2011/07/28/13
http://openwall.com/lists/oss-security/2011/07/29/1
http://www.redhat.com/support/errata/RHSA-2011-1321.html
http://securitytracker.com/id?1025876
Common Vulnerability Exposure (CVE) ID: CVE-2011-2905
http://www.openwall.com/lists/oss-security/2011/08/09/6
Common Vulnerability Exposure (CVE) ID: CVE-2011-2909
http://www.openwall.com/lists/oss-security/2011/08/12/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2918
http://www.openwall.com/lists/oss-security/2011/08/16/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2928
BugTraq ID: 49256
http://www.securityfocus.com/bid/49256
Bugtraq: 20110819 [PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS
http://www.securityfocus.com/archive/1/519387/100/0/threaded
http://www.pre-cert.de/advisories/PRE-SA-2011-06.txt
http://www.openwall.com/lists/oss-security/2011/08/19/1
http://www.openwall.com/lists/oss-security/2011/08/19/5
http://securityreason.com/securityalert/8360
XForce ISS Database: linux-kernel-be-dos(69343)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69343
Common Vulnerability Exposure (CVE) ID: CVE-2011-2942
http://www.openwall.com/lists/oss-security/2011/10/24/3
Common Vulnerability Exposure (CVE) ID: CVE-2011-3188
http://www.openwall.com/lists/oss-security/2011/08/23/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-3191
http://www.openwall.com/lists/oss-security/2011/08/24/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-3209
Common Vulnerability Exposure (CVE) ID: CVE-2011-3363
http://www.openwall.com/lists/oss-security/2011/09/14/12
Copyright: Copyright (C) 2011 Greenbone Networks GmbH

© 1998-2022 E-Soft Inc. All rights reserved.