ID de Prueba:	1.3.6.1.4.1.25623.1.0.123333
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-3067)
Resumen:	The remote host is missing an update for the 'dtrace-modules-3.8.13-35.3.5.el6uek, dtrace-modules-3.8.13-35.3.5.el7uek, kernel-uek' package(s) announced via the ELSA-2014-3067 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dtrace-modules-3.8.13-35.3.5.el6uek, dtrace-modules-3.8.13-35.3.5.el7uek, kernel-uek' package(s) announced via the ELSA-2014-3067 advisory. Vulnerability Insight: kernel-uek [3.8.13-35.3.5.el7uek] - net: Use netlink_ns_capable to verify the permissions of netlink messages (Eric W. Biederman) [Orabug: 19404231] {CVE-2014-0181} - net: Add variants of capable for use on netlink messages (Eric W. Biederman) [Orabug: 19404231] - net: Add variants of capable for use on on sockets (Eric W. Biederman) [Orabug: 19404231] - netlink: Rename netlink_capable netlink_allowed (Eric W. Biederman) [Orabug: 19404231] - sctp: Fix sk_ack_backlog wrap-around problem (Xufeng Zhang) [Orabug: 19404244] {CVE-2014-4667} Affected Software/OS: 'dtrace-modules-3.8.13-35.3.5.el6uek, dtrace-modules-3.8.13-35.3.5.el7uek, kernel-uek' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0181 RHSA-2014:1959 http://rhn.redhat.com/errata/RHSA-2014-1959.html SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SUSE-SU-2015:0652 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SUSE-SU-2015:0736 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SUSE-SU-2015:0812 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html [netdev] 20140423 [PATCH 0/5]: Preventing abuse when passing file descriptors http://marc.info/?l=linux-netdev&m=139828832919748&w=2 [oss-security] 20140423 Re: CVE-2014-0181: Linux network reconfiguration due to incorrect netlink checks http://www.openwall.com/lists/oss-security/2014/04/23/6 https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=90f62cf30a78721641e08737bda787552428061e https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.openwall.com/lists/oss-security/2023/04/16/3 Common Vulnerability Exposure (CVE) ID: CVE-2014-4667 BugTraq ID: 68224 http://www.securityfocus.com/bid/68224 Debian Security Information: DSA-2992 (Google Search) http://www.debian.org/security/2014/dsa-2992 http://www.openwall.com/lists/oss-security/2014/06/27/11 http://secunia.com/advisories/59777 http://secunia.com/advisories/59790 http://secunia.com/advisories/60564 http://secunia.com/advisories/60596 SuSE Security Announcement: SUSE-SU-2014:1316 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html SuSE Security Announcement: SUSE-SU-2014:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://www.ubuntu.com/usn/USN-2334-1 http://www.ubuntu.com/usn/USN-2335-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.