ID de Prueba:	1.3.6.1.4.1.25623.1.0.122454
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2009-1222)
Resumen:	The remote host is missing an update for the 'kernel, ocfs2-2.6.18-128.7.1.0.1.el5, oracleasm-2.6.18-128.7.1.0.1.el5' package(s) announced via the ELSA-2009-1222 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, ocfs2-2.6.18-128.7.1.0.1.el5, oracleasm-2.6.18-128.7.1.0.1.el5' package(s) announced via the ELSA-2009-1222 advisory. Vulnerability Insight: [2.6.18-128.7.1.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888] - [NET] Add entropy support to igb ( John Sobecki) [orabug 7607479] - [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329] - [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526] [2.6.18-128.7.1.el5] - [net] prevent null pointer dereference in udp_sendmsg (Vitaly Mayatskikh) [518047 518043] {CVE-2009-2698} [2.6.18-128.6.1.el5] - [net] make sock_sendpage use kernel_sendpage (Jiri Pirko ) [517445 516955] {CVE-2009-2692} [2.6.18-128.5.1.el5] - [dlm] free socket in error exit path (David Teigland ) [515432 508829] Affected Software/OS: 'kernel, ocfs2-2.6.18-128.7.1.0.1.el5, oracleasm-2.6.18-128.7.1.0.1.el5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2692 BugTraq ID: 36038 http://www.securityfocus.com/bid/36038 Bugtraq: 20090813 Linux NULL pointer dereference due to incorrect proto_ops initializations (Google Search) http://www.securityfocus.com/archive/1/505751/100/0/threaded Bugtraq: 20090818 rPSA-2009-0121-1 kernel open-vm-tools (Google Search) http://www.securityfocus.com/archive/1/505912/100/0/threaded Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Bugtraq: 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel (Google Search) http://www.securityfocus.com/archive/1/512019/100/0/threaded Debian Security Information: DSA-1865 (Google Search) http://www.debian.org/security/2009/dsa-1865 http://www.exploit-db.com/exploits/19933 http://www.exploit-db.com/exploits/9477 http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0174.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:233 http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html http://grsecurity.net/~spender/wunderbar_emporium.tgz http://zenthought.org/content/file/android-root-2009-08-16-source http://www.openwall.com/lists/oss-security/2009/08/14/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11526 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11591 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8657 RedHat Security Advisories: RHSA-2009:1222 http://rhn.redhat.com/errata/RHSA-2009-1222.html RedHat Security Advisories: RHSA-2009:1223 http://rhn.redhat.com/errata/RHSA-2009-1223.html http://www.redhat.com/support/errata/RHSA-2009-1233.html http://secunia.com/advisories/36278 http://secunia.com/advisories/36289 http://secunia.com/advisories/36327 http://secunia.com/advisories/36430 http://secunia.com/advisories/37298 http://secunia.com/advisories/37471 SuSE Security Announcement: SUSE-SR:2009:015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://www.vupen.com/english/advisories/2009/2272 http://www.vupen.com/english/advisories/2009/3316 Common Vulnerability Exposure (CVE) ID: CVE-2009-2698 BugTraq ID: 36108 http://www.securityfocus.com/bid/36108 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 http://www.openwall.com/lists/oss-security/2009/08/25/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11514 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8557 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9142 http://www.securitytracker.com/id?1022761 http://secunia.com/advisories/23073 http://secunia.com/advisories/36510 http://secunia.com/advisories/37105 SuSE Security Announcement: SUSE-SA:2009:046 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00008.html http://www.ubuntu.com/usn/USN-852-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.