
Test ID: 1.3.6.1.4.1.25623.1.0.57505
Category: Mandrake Local Security Checks
Title: Mandrake Security Advisory MDKSA-2006:182 (kernel)
Summary: NOSUMMARY
Description:

The remote host is missing an update to kernel
announced via advisory MDKSA-2006:182.

A number of vulnerabilities were discovered and corrected in the Linux
2.6 kernel:

Stephane Eranian discovered an issue with perfmon2.0 where, under
certain circumstances, the perfmonctl() system call may not correctly
manage the file descriptor reference count, resulting in the system
possibly running out of file structures (CVE-2006-3741).

Prior to and including 2.6.17, the Universal Disk Format (UDF)
filesystem driver allowed local users to cause a DoS (hang and crash)
via certain operations involving truncated files (CVE-2006-4145).

Various versions of the Linux kernel allowed local users to cause a DoS
(crash) via an SCTP socket with a certain SO_LINGER value, which is
possibly related to the patch used to correct CVE-2006-3745
(CVE-2006-4535).

The Unidirectional Lightweight Encapsulation (ULE) decapsulation
component in the dvb driver allows remote attackers to cause a DoS
(crash) via an SNDU length of 0 in a ULE packet (CVE-2006-4623).

The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels immediately
and reboot to effect the fixes.

In addition to these security fixes, other fixes have been included
such as:

- added support for new devices:
  o NetXtreme BCM5715 gigabit ethernet
  o NetXtreme II BCM5708 gigabit ethernet
- enabled the CISS driver for Xen kernels
- updated ich8 support in ata_piix
- enabled support for 1078 type controller in megaraid_sas
- multiple fixes for RSBAC support

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Affected: 2006.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:182

Risk factor: High

CVSS Score:
7.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-3741
BugTraq ID: 20361
http://www.securityfocus.com/bid/20361
Debian Security Information: DSA-1233
http://www.us.debian.org/security/2006/dsa-1233
http://www.mandriva.com/security/advisories?name=MDKSA-2006:182
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11250
http://www.redhat.com/support/errata/RHSA-2006-0689.html
http://secunia.com/advisories/22279
http://secunia.com/advisories/22292
http://secunia.com/advisories/22382
http://secunia.com/advisories/22945
http://secunia.com/advisories/23370
http://secunia.com/advisories/23474
SuSE Security Announcement: SUSE-SA:2006:079
http://www.novell.com/linux/security/advisories/2006_79_kernel.html
http://www.vupen.com/english/advisories/2006/3937
XForce ISS Database: kernel-sysperfmon-dos(29384)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29384
Common Vulnerability Exposure (CVE) ID: CVE-2006-4145
BugTraq ID: 19562
http://www.securityfocus.com/bid/19562
Bugtraq: 20060831 rPSA-2006-0162-1 kernel
http://www.securityfocus.com/archive/1/444887/100/0/threaded
Debian Security Information: DSA-1184
http://www.debian.org/security/2006/dsa-1184
http://lkml.org/lkml/2006/6/16/6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10796
http://www.redhat.com/support/errata/RHSA-2008-0665.html
http://secunia.com/advisories/21515
http://secunia.com/advisories/21695
http://secunia.com/advisories/21711
http://secunia.com/advisories/21934
http://secunia.com/advisories/22093
http://secunia.com/advisories/27227
http://secunia.com/advisories/31229
http://secunia.com/advisories/31685
SuSE Security Announcement: SUSE-SA:2007:053
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
http://www.ubuntu.com/usn/usn-346-1
http://www.vupen.com/english/advisories/2006/3308
Common Vulnerability Exposure (CVE) ID: CVE-2006-3745
BugTraq ID: 19666
http://www.securityfocus.com/bid/19666
Bugtraq: 20060822 Linux Kernel SCTP Privilege Elevation Vulnerability
http://www.securityfocus.com/archive/1/444066/100/0/threaded
Debian Security Information: DSA-1183
http://www.debian.org/security/2006/dsa-1183
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0600.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10706
http://www.redhat.com/support/errata/RHSA-2006-0617.html
http://secunia.com/advisories/21576
http://secunia.com/advisories/21605
http://secunia.com/advisories/21614
http://secunia.com/advisories/21847
http://secunia.com/advisories/22082
http://secunia.com/advisories/22148
http://secunia.com/advisories/22174
SuSE Security Announcement: SUSE-SA:2006:057
http://www.novell.com/linux/security/advisories/2006_57_kernel.html
SuSE Security Announcement: SUSE-SR:2006:021
http://www.novell.com/linux/security/advisories/2006_21_sr.html
SuSE Security Announcement: SUSE-SR:2006:022
http://www.novell.com/linux/security/advisories/2006_22_sr.html
http://www.vupen.com/english/advisories/2006/3358
XForce ISS Database: kernel-sctp-privilege-escalation(28530)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28530
Common Vulnerability Exposure (CVE) ID: CVE-2006-4535
BugTraq ID: 20087
http://www.securityfocus.com/bid/20087
http://www.mail-archive.com/kernel-svn-changes@lists.alioth.debian.org/msg02314.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10530
http://securitytracker.com/id?1016992
http://secunia.com/advisories/21945
http://secunia.com/advisories/21967
http://www.ubuntu.com/usn/usn-347-1
XForce ISS Database: kernel-sctp-dos(29011)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29011
Common Vulnerability Exposure (CVE) ID: CVE-2006-4623
BugTraq ID: 19939
http://www.securityfocus.com/bid/19939
Bugtraq: 20061017 rPSA-2006-0194-1 kernel
http://www.securityfocus.com/archive/1/448998/100/0/threaded
Bugtraq: 20070615 rPSA-2007-0124-1 kernel xen
http://www.securityfocus.com/archive/1/471457
Debian Security Information: DSA-1304
http://www.debian.org/security/2007/dsa-1304
http://lkml.org/lkml/2006/8/20/278
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9775
http://secunia.com/advisories/21820
http://secunia.com/advisories/22441
http://secunia.com/advisories/25691
http://secunia.com/advisories/25714
http://secunia.com/advisories/26139
http://www.ubuntu.com/usn/usn-489-1
http://www.vupen.com/english/advisories/2006/3551
Copyright: Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com
