Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.63522
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDVSA-2009:071 (kernel)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to kernel
announced via advisory MDVSA-2009:071.

Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:

The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux
kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the
CAP_NET_ADMIN capability is absent, instead of when this capability
is present, which allows local users to reset the driver statistics,
related to an inverted logic issue. (CVE-2009-0675)

The sock_getsockopt function in net/core/sock.c in the Linux kernel
before 2.6.28.6 does not initialize a certain structure member, which
allows local users to obtain potentially sensitive information from
kernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)

Additionaly, this update provides stable 1.0.18 ALSA updates/fixes,
STAC92HD71Bx/STAC92HD75Bx hda-intel support changes/fixes
(affects sound chip codecs used on several HP dv laptop series),
fixes/enhancements for HP Educ.ar machine HDA sound support, minor
alsa hda-intel code cleanup for ALC888 6stack-dell model, to stop
printing uneeded output to kernel log, and a few more things. Check
the package changelog for details.

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Affected: 2009.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:071

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-0675
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Debian Security Information: DSA-1749 (Google Search)
http://www.debian.org/security/2009/dsa-1749
Debian Security Information: DSA-1787 (Google Search)
http://www.debian.org/security/2009/dsa-1787
Debian Security Information: DSA-1794 (Google Search)
http://www.debian.org/security/2009/dsa-1794
http://www.mandriva.com/security/advisories?name=MDVSA-2009:071
http://lists.openwall.net/netdev/2009/01/28/90
http://openwall.com/lists/oss-security/2009/02/20/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11529
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8685
http://www.redhat.com/support/errata/RHSA-2009-0326.html
http://www.redhat.com/support/errata/RHSA-2009-0360.html
http://secunia.com/advisories/33758
http://secunia.com/advisories/33938
http://secunia.com/advisories/34394
http://secunia.com/advisories/34502
http://secunia.com/advisories/34680
http://secunia.com/advisories/34981
http://secunia.com/advisories/35011
http://secunia.com/advisories/35394
http://secunia.com/advisories/37471
SuSE Security Announcement: SUSE-SA:2009:031 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
http://www.ubuntu.com/usn/usn-751-1
http://www.vupen.com/english/advisories/2009/3316
Common Vulnerability Exposure (CVE) ID: CVE-2009-0676
BugTraq ID: 33846
http://www.securityfocus.com/bid/33846
http://lkml.org/lkml/2009/2/12/123
http://marc.info/?l=linux-kernel&m=123540732700371&w=2
http://openwall.com/lists/oss-security/2009/02/20/1
http://www.openwall.com/lists/oss-security/2009/02/24/1
http://www.openwall.com/lists/oss-security/2009/03/02/6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11653
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8618
RedHat Security Advisories: RHSA-2009:0459
http://rhn.redhat.com/errata/RHSA-2009-0459.html
http://secunia.com/advisories/34786
http://secunia.com/advisories/34962
http://secunia.com/advisories/35390
SuSE Security Announcement: SUSE-SA:2009:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00007.html
SuSE Security Announcement: SUSE-SA:2009:030 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
XForce ISS Database: kernel-sock-information-disclosure(48847)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48847
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.