Test ID: | 1.3.6.1.4.1.25623.1.0.870709 |
Category: | Red Hat Local Security Checks |
Title: | RedHat Update for kernel RHSA-2011:0836-01 |
Summary: | The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory. |
Description: | Summary: The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.

Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* An integer underflow flaw, leading to a buffer overflow, was found in the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. (CVE-2011-1770, Important)

* Missing sanity checks were found in setup_arg_pages() in the Linux kernel. When making the size of the argument and environment area on the stack very large, it could trigger a BUG_ON(), resulting in a local denial of service. (CVE-2010-3858, Moderate)

* A missing validation check was found in the bcm_release() and raw_release() functions in the Linux kernel's Controller Area Network (CAN) implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)

* The fix for Red Hat Bugzilla bug 656461, as provided in RHSA-2011:0542, introduced a regression in the cifs_close() function in the Linux kernel's Common Internet File System (CIFS) implementation. A local, unprivileged user with write access to a CIFS file system could use this flaw to cause a denial of service. (CVE-2011-1771, Moderate)

Red Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770, Brad Spengler for reporting CVE-2010-3858, and Oliver Hartkopp for reporting CVE-2011-1748.

This update also fixes various bugs. Documentation for these bug fixes will be available shortly from the Technical Notes document linked to in the References section.

Users should upgrade to these updated packages, which contain backported patches to resolve these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.

Affected Software/OS: kernel on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6)

Solution: Please Install the Updated Packages.

CVSS Score: 7.8
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Cross-Reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-3858
BugTraq ID: 44301
http://www.securityfocus.com/bid/44301
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
Debian Security Information: DSA-2126
http://www.debian.org/security/2010/dsa-2126
http://www.exploit-db.com/exploits/15619
http://www.mandriva.com/security/advisories?name=MDVSA-2010:257
http://grsecurity.net/~spender/64bit_dos.c
http://www.openwall.com/lists/oss-security/2010/10/21/1
http://www.openwall.com/lists/oss-security/2010/10/22/4
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://secunia.com/advisories/42758
http://secunia.com/advisories/42789
http://secunia.com/advisories/46397
http://www.ubuntu.com/usn/USN-1041-1
http://www.vupen.com/english/advisories/2011/0024
http://www.vupen.com/english/advisories/2011/0070

Common Vulnerability Exposure (CVE) ID: CVE-2011-1598
BugTraq ID: 47503
http://www.securityfocus.com/bid/47503
http://permalink.gmane.org/gmane.linux.network/192898
http://openwall.com/lists/oss-security/2011/04/20/2
http://openwall.com/lists/oss-security/2011/04/20/6
http://openwall.com/lists/oss-security/2011/04/20/7
http://openwall.com/lists/oss-security/2011/04/21/1
http://openwall.com/lists/oss-security/2011/04/21/2
http://openwall.com/lists/oss-security/2011/04/21/7
http://openwall.com/lists/oss-security/2011/04/22/2
http://openwall.com/lists/oss-security/2011/04/25/4

Common Vulnerability Exposure (CVE) ID: CVE-2011-1748
BugTraq ID: 47835
http://www.securityfocus.com/bid/47835
http://permalink.gmane.org/gmane.linux.network/192974

Common Vulnerability Exposure (CVE) ID: CVE-2011-1770
BugTraq ID: 47769
http://www.securityfocus.com/bid/47769
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
http://marc.info/?l=linux-kernel&m=130469305815140&w=2
http://marc.info/?l=linux-kernel&m=130468845209036&w=2
http://www.securitytracker.com/id?1025592
http://secunia.com/advisories/44932
http://securityreason.com/securityalert/8286

Common Vulnerability Exposure (CVE) ID: CVE-2011-1771
http://marc.info/?l=linux-cifs&m=130204730006155&w=2
http://marc.info/?l=linux-cifs&m=130204357001849&w=2
http://www.openwall.com/lists/oss-security/2011/05/09/2
http://securityreason.com/securityalert/8367 |
Copyright | Copyright (C) 2012 Greenbone Networks GmbH |