Test Kennung:	1.3.6.1.4.1.25623.1.0.122313
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2010-2008)
Zusammenfassung:	The remote host is missing an update for the '' package(s) announced via the ELSA-2010-2008 advisory.
Beschreibung:	Summary: The remote host is missing an update for the '' package(s) announced via the ELSA-2010-2008 advisory. Vulnerability Insight: [2.6.32-100.20.1.el5] - [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner) - [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943} - [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942} - [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker) Affected Software/OS: '' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2942 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 41512 http://secunia.com/advisories/41512 42529 http://www.securityfocus.com/bid/42529 46397 http://secunia.com/advisories/46397 ADV-2010-2430 http://www.vupen.com/english/advisories/2010/2430 ADV-2011-0298 http://www.vupen.com/english/advisories/2011/0298 RHSA-2010:0723 http://www.redhat.com/support/errata/RHSA-2010-0723.html RHSA-2010:0771 http://www.redhat.com/support/errata/RHSA-2010-0771.html RHSA-2010:0779 http://www.redhat.com/support/errata/RHSA-2010-0779.html SUSE-SA:2010:040 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html SUSE-SA:2010:041 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html SUSE-SA:2010:054 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html SUSE-SA:2010:060 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SUSE-SA:2011:007 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html USN-1000-1 http://www.ubuntu.com/usn/USN-1000-1 [oss-security] 20100818 CVE request - kernel: net sched memleak http://www.openwall.com/lists/oss-security/2010/08/18/1 [oss-security] 20100819 Re: CVE request - kernel: net sched memleak http://www.openwall.com/lists/oss-security/2010/08/19/4 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8 http://patchwork.ozlabs.org/patch/61857/ http://support.avaya.com/css/P8/documents/100113326 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=624903 Common Vulnerability Exposure (CVE) ID: CVE-2010-2943 42527 http://www.securityfocus.com/bid/42527 42758 http://secunia.com/advisories/42758 43161 http://secunia.com/advisories/43161 ADV-2011-0070 http://www.vupen.com/english/advisories/2011/0070 ADV-2011-0280 http://www.vupen.com/english/advisories/2011/0280 USN-1041-1 http://www.ubuntu.com/usn/USN-1041-1 USN-1057-1 http://www.ubuntu.com/usn/USN-1057-1 [linux-xfs] 20100620 [PATCH 0/4, V2] xfs: validate inode numbers in file handles correctly http://article.gmane.org/gmane.comp.file-systems.xfs.general/33767 [linux-xfs] 20100620 [PATCH 2/4] xfs: validate untrusted inode numbers during lookup http://article.gmane.org/gmane.comp.file-systems.xfs.general/33771 [linux-xfs] 20100620 [PATCH 3/4] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED http://article.gmane.org/gmane.comp.file-systems.xfs.general/33768 [linux-xfs] 20100620 [PATCH 4/4] xfs: remove block number from inode lookup code http://article.gmane.org/gmane.comp.file-systems.xfs.general/33769 [oss-security] 20100818 CVE request - kernel: xfs: stale data exposure http://www.openwall.com/lists/oss-security/2010/08/18/2 [oss-security] 20100819 Re: CVE request - kernel: xfs: stale data exposure http://www.openwall.com/lists/oss-security/2010/08/19/5 [xfs] 20100617 [PATCH] xfsqa: test open_by_handle() on unlinked and freed inode clusters V2 http://oss.sgi.com/archives/xfs/2010-06/msg00191.html [xfs] 20100618 Re: [PATCH] xfsqa: test open_by_handle() on unlinked and freed inode clusters V2 http://oss.sgi.com/archives/xfs/2010-06/msg00198.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1920779e67cbf5ea8afef317777c5bf2b8096188 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7124fe0a5b619d65b739477b3b55a20bf805b06d http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7b6259e7a83647948fa33a736cc832310c8d85aa http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 https://bugzilla.redhat.com/show_bug.cgi?id=624923
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.