Executive Summary
Summary | |
---|---|
Title | kernel security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0973 | First vendor Publication | 2008-12-16 |
Vendor | RedHat | Last vendor Modification | 2008-12-16 |
Severity (Vendor) | Important | Revision | 03 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update addresses the following security issues: * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially-crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important) * missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important) * the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important) * a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate) * multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate) * a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate) This update also fixes the following bugs: * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update. * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this. * lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMWare®. All Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 392101 - CVE-2007-6063 Linux Kernel isdn_net_setcfg buffer overflow 433938 - CVE-2008-0598 kernel: linux x86_64 ia32 emulation leaks uninitialized data 438758 - wrong kunmap call in nfs_xdr_readlinkres 446031 - CVE-2008-2136 kernel: sit memory leak 453419 - CVE-2008-2812 kernel: NULL ptr dereference in multiple network drivers due to missing checks in tty code 457858 - CVE-2008-3275 Linux kernel local filesystem DoS 460401 - CVE-2008-3525 kernel: missing capability checks in sbni_ioctl() 463661 - CVE-2008-4210 kernel: open() call allows setgid bit when user is not in new file's group |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0973.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
29 % | CWE-264 | Permissions, Privileges, and Access Controls |
14 % | CWE-476 | NULL Pointer Dereference |
14 % | CWE-399 | Resource Management Errors |
14 % | CWE-200 | Information Exposure |
14 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
14 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18465 | |||
Oval ID: | oval:org.mitre.oval:def:18465 | ||
Title: | DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1630-1 CVE-2007-6282 CVE-2008-0598 CVE-2008-2729 CVE-2008-2812 CVE-2008-2826 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275 | Version: | 9 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fai-kernels user-mode-linux linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28983 | |||
Oval ID: | oval:org.mitre.oval:def:28983 | ||
Title: | RHSA-2008:0612 -- kernel security and bug fix update (Important) | ||
Description: | Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0612 CESA-2008:0612-CentOS 5 CVE-2008-1294 CVE-2008-2136 CVE-2008-2812 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29129 | |||
Oval ID: | oval:org.mitre.oval:def:29129 | ||
Title: | RHSA-2008:0885 -- kernel security and bug fix update (Important) | ||
Description: | Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0885 CESA-2008:0885-CentOS 5 CVE-2007-6417 CVE-2007-6716 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5671 | |||
Oval ID: | oval:org.mitre.oval:def:5671 | ||
Title: | Linux Kernel SBNI WAN Driver Privilege Check Bugs May Let Local Users Gain Elevated Privileges | ||
Description: | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3525 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6201 | |||
Oval ID: | oval:org.mitre.oval:def:6201 | ||
Title: | Linux Kernel copy_user() IA32 Emulation Bug Discloses Information to Local Users | ||
Description: | Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0598 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6386 | |||
Oval ID: | oval:org.mitre.oval:def:6386 | ||
Title: | Linux Kernel 'truncate()' Local Privilege Escalation Vulnerability | ||
Description: | fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4210 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6503 | |||
Oval ID: | oval:org.mitre.oval:def:6503 | ||
Title: | Linux Kernel Memory Leak in SIT Code ipip6_rcv() Lets Remote Users Deny Service | ||
Description: | Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2136 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6514 | |||
Oval ID: | oval:org.mitre.oval:def:6514 | ||
Title: | Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability | ||
Description: | Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6063 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6551 | |||
Oval ID: | oval:org.mitre.oval:def:6551 | ||
Title: | Linux Kernel UBIFS Orphan Inode Local Denial of Service Vulnerability | ||
Description: | The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3275 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6633 | |||
Oval ID: | oval:org.mitre.oval:def:6633 | ||
Title: | Linux Kernel TTY Operations NULL Pointer Dereference Denial of Service Vulnerabilities | ||
Description: | The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2812 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9364 | |||
Oval ID: | oval:org.mitre.oval:def:9364 | ||
Title: | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. | ||
Description: | The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3525 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0014 centos4 i386 File : nvt/gb_CESA-2009_0014_kernel_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386 File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl |
2010-09-10 | Name : SuSE Update for kernel SUSE-SA:2010:036 File : nvt/gb_suse_2010_036.nasl |
2009-10-13 | Name : SLES10: Security update for Linux Kernel (x86) File : nvt/sles10_kernel7.nasl |
2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel6.nasl |
2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel3.nasl |
2009-10-13 | Name : SLES10: Security update for Linux kernel File : nvt/sles10_kernel0.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5039274.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5036146.nasl |
2009-06-30 | Name : Fedora Core 9 FEDORA-2009-6846 (kernel) File : nvt/fcore_2009_6846.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-5383 (kernel) File : nvt/fcore_2009_5383.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:223 (kernel) File : nvt/gb_mandriva_MDVSA_2008_223.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:112 (kernel) File : nvt/gb_mandriva_MDVSA_2008_112.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:167 (kernel) File : nvt/gb_mandriva_MDVSA_2008_167.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-574-1 File : nvt/gb_ubuntu_USN_574_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-578-1 File : nvt/gb_ubuntu_USN_578_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1 File : nvt/gb_ubuntu_USN_625_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-637-1 File : nvt/gb_ubuntu_USN_637_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1 File : nvt/gb_ubuntu_USN_659_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1 File : nvt/gb_ubuntu_USN_679_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0972-01 File : nvt/gb_RHSA-2008_0972-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0973-03 File : nvt/gb_RHSA-2008_0973-03_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0957-02 File : nvt/gb_RHSA-2008_0957-02_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0885-01 File : nvt/gb_RHSA-2008_0885-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0612-01 File : nvt/gb_RHSA-2008_0612-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0607-01 File : nvt/gb_RHSA-2008_0607-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0519-01 File : nvt/gb_RHSA-2008_0519-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0508-01 File : nvt/gb_RHSA-2008_0508-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0055-01 File : nvt/gb_RHSA-2008_0055-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0154-01 File : nvt/gb_RHSA-2008_0154-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 x86_64 File : nvt/gb_CESA-2008_0973_kernel_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 i386 File : nvt/gb_CESA-2008_0973_kernel_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 x86_64 File : nvt/gb_CESA-2008_0972_kernel_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 i386 File : nvt/gb_CESA-2008_0972_kernel_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0508 centos4 x86_64 File : nvt/gb_CESA-2008_0508_kernel_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0508 centos4 i386 File : nvt/gb_CESA-2008_0508_kernel_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0055 centos4 i386 File : nvt/gb_CESA-2008_0055_kernel_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0055 centos4 x86_64 File : nvt/gb_CESA-2008_0055_kernel_centos4_x86_64.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-8929 File : nvt/gb_fedora_2008_8929_kernel_fc9.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-8980 File : nvt/gb_fedora_2008_8980_kernel_fc8.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-3949 File : nvt/gb_fedora_2008_3949_kernel_fc9.nasl |
2009-02-13 | Name : Fedora Update for kernel FEDORA-2008-11618 File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0001-01 (kernel) File : nvt/ovcesa2009_0001_01.nasl |
2009-02-02 | Name : Fedora Core 9 FEDORA-2009-0816 (kernel) File : nvt/fcore_2009_0816.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:064 File : nvt/gb_suse_2007_064.nasl |
2009-01-26 | Name : RedHat Security Advisory RHSA-2009:0009 File : nvt/RHSA_2009_0009.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:047 File : nvt/gb_suse_2008_047.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:056 File : nvt/gb_suse_2008_056.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:053 File : nvt/gb_suse_2008_053.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:052 File : nvt/gb_suse_2008_052.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:051 File : nvt/gb_suse_2008_051.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:044 File : nvt/gb_suse_2008_044.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:037 File : nvt/gb_suse_2008_037.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:032 File : nvt/gb_suse_2008_032.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:048 File : nvt/gb_suse_2008_048.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl |
2009-01-20 | Name : RedHat Security Advisory RHSA-2009:0014 File : nvt/RHSA_2009_0014.nasl |
2009-01-20 | Name : CentOS Security Advisory CESA-2009:0014 (kernel) File : nvt/ovcesa2009_0014.nasl |
2009-01-13 | Name : RedHat Security Advisory RHSA-2009:0001 File : nvt/RHSA_2009_0001.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2008:0787 File : nvt/RHSA_2008_0787.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1653-1 (linux-2.6) File : nvt/deb_1653_1.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1655-1 (linux-2.6.24) File : nvt/deb_1655_1.nasl |
2008-09-17 | Name : Debian Security Advisory DSA 1636-1 (linux-2.6.24) File : nvt/deb_1636_1.nasl |
2008-09-04 | Name : Debian Security Advisory DSA 1630-1 (linux-2.6) File : nvt/deb_1630_1.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1588-2 (linux-2.6) File : nvt/deb_1588_2.nasl |
2008-06-11 | Name : Debian Security Advisory DSA 1588-1 (linux-2.6) File : nvt/deb_1588_1.nasl |
2008-03-11 | Name : Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7)) File : nvt/deb_1503_2.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1)) File : nvt/deb_1504_1.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6)) File : nvt/deb_1503_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1436-1 (linux-2.6) File : nvt/deb_1436_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49081 | Linux Kernel fs/open.c (f)truncate Function Local Privilege Escalation |
48781 | Linux Kernel Bit Emulation Crafted Binary Unspecified Local Memory Disclosure |
48432 | Linux Kernel wan Subsystem drivers/net/wan/sbni.c sbni_ioctl Function Local C... |
47788 | Linux Kernel VFS fs/namei.c Multiple Function Local DoS |
46926 | Linux Kernel drivers/net/wireless/strip.c TTY Operations Function Pointers NU... |
46925 | Linux Kernel drivers/net/wan/x25_asy.c TTY Operations Function Pointers NULL ... |
46924 | Linux Kernel drivers/net/slip.c TTY Operations Function Pointers NULL Derefer... |
46923 | Linux Kernel drivers/net/ppp_synctty.c TTY Operations Function Pointers NULL ... |
46922 | Linux Kernel drivers/net/ppp_async.c TTY Operations Function Pointers NULL De... |
46921 | Linux Kernel drivers/net/irda/irtty-sir.c TTY Operations Function Pointers NU... |
46920 | Linux Kernel drivers/net/hamradio/mkiss.c TTY Operations Function Pointers NU... |
46918 | Linux Kernel drivers/net/hamradio/6pack.c TTY Operations Function Pointers NU... |
45421 | Linux Kernel net/ipv6/sit.c ipip6_rcv function Simple Internet Transition Tun... |
39240 | Linux Kernel isdn_net.c isdn_net_setcfg() Function Local Overflow |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-10-22 | IAVM : 2009-A-0105 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0021867 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | IPv6 packets encapsulated in IPv4 RuleID : 8446 - Revision : 8 - Type : POLICY-OTHER |
2014-01-10 | (ipv6)IPV6tunneledoverIPv4,IPv6headertruncated,possibleLinuxkernelattack RuleID : 291 - Revision : 2 - Type : |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2006.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2005.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0612.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0607.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0519.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0508.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090114_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080131_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080305_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080625_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080625_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080723_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080804_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080924_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081119_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4745.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5239.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5370.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5477.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5608.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5667.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5735.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7063.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7059.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12636.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5473.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5235.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5668.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-081022.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-080822.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-080721.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-659-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-679-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-112.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-167.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-223.nasl - Type : ACT_GATHER_INFO |
2009-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2009-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5734.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5751.nasl - Type : ACT_GATHER_INFO |
2008-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8929.nasl - Type : ACT_GATHER_INFO |
2008-10-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8980.nasl - Type : ACT_GATHER_INFO |
2008-10-21 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5700.nasl - Type : ACT_GATHER_INFO |
2008-10-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1655.nasl - Type : ACT_GATHER_INFO |
2008-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1653.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5566.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1636.nasl - Type : ACT_GATHER_INFO |
2008-08-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-637-1.nasl - Type : ACT_GATHER_INFO |
2008-08-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1630.nasl - Type : ACT_GATHER_INFO |
2008-08-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0612.nasl - Type : ACT_GATHER_INFO |
2008-07-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0665.nasl - Type : ACT_GATHER_INFO |
2008-07-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0607.nasl - Type : ACT_GATHER_INFO |
2008-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-625-1.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5375.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0519.nasl - Type : ACT_GATHER_INFO |
2008-07-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0508.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO |
2008-05-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1588.nasl - Type : ACT_GATHER_INFO |
2008-05-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3949.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1504.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1503.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-578-1.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-574-1.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4929.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4752.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1436.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4741.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:52:02 |
|