Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Linux kernel (Natty backport) vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-1256-1 | First vendor Publication | 2011-11-09 |
| Vendor | Ubuntu | Last vendor Modification | 2011-11-09 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: Several security issues were fixed in the kernel. Software Description: - linux-lts-backport-natty: Linux kernel backport from Natty Details: It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. (CVE-2011-1020) Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1078) Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1079) Vasiliy Kulikov discovered that bridge network filtering did not check that name fields were NULL terminated. A local attacker could exploit this to leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1080) Johan Hovold discovered that the DCCP network stack did not correctly handle certain packet combinations. A remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2011-1093) Peter Huewe discovered that the TPM device did not correctly initialize memory. A local attacker could exploit this to read kernel heap memory contents, leading to a loss of privacy. (CVE-2011-1160) Dan Rosenberg discovered that the IRDA subsystem did not correctly check certain field sizes. If a system was using IRDA, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-1180) Ryan Sweat discovered that the GRO code did not correctly validate memory. In some configurations on systems using VLANs, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1478) It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1479) Dan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. (CVE-2011-1493) It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. (CVE-2011-1573) Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1576) Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1577) Phil Oester discovered that the network bonding system did not correctly handle large queues. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1581) It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. (CVE-2011-1585) It was discovered that the GRE protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ip_gre module was loading, and crash the system, leading to a denial of service. (CVE-2011-1767) It was discovered that the IP/IP protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ipip module was loading, and crash the system, leading to a denial of service. (CVE-2011-1768) Ben Greear discovered that CIFS did not correctly handle direct I/O. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service. (CVE-2011-1771) Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1776) Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. (CVE-2011-1833) Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2183) Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. (CVE-2011-2213) It was discovered that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2479) Vasiliy Kulikov discovered that taskstats listeners were not correctly handled. A local attacker could expoit this to exhaust memory and CPU resources, leading to a denial of service. (CVE-2011-2484) Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. (CVE-2011-2491) It was discovered that Bluetooth l2cap and rfcomm did not correctly initialize structures. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2011-2492) Sami Liedes discovered that ext4 did not correctly handle missing root inodes. A local attacker could trigger the mount of a specially crafted filesystem to cause the system to crash, leading to a denial of service. (CVE-2011-2493) Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494) Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2495) Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2496) Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP requests. If a system was using Bluetooth, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-2497) It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. (CVE-2011-2517) Ben Pfaff discovered that Classless Queuing Disciplines (qdiscs) were being incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2525) It was discovered that GFS2 did not correctly check block sizes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2689) It was discovered that the EXT4 filesystem contained multiple off-by-one flaws. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2695) Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. (CVE-2011-2699) Mauro Carvalho Chehab discovered that the si4713 radio driver did not correctly check the length of memory copies. If this hardware was available, a local attacker could exploit this to crash the system or gain root privileges. (CVE-2011-2700) Herbert Xu discovered that certain fields were incorrectly handled when Generic Receive Offload (CVE-2011-2723) Christian Ohm discovered that the perf command looks for configuration files in the current directory. If a privileged user were tricked into running perf in a directory containing a malicious configuration file, an attacker could run arbitrary commands and possibly gain privileges. (CVE-2011-2905) Vasiliy Kulikov discovered that the Comedi driver did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-2909) The performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2918) Time Warns discovered that long symlinks were incorrectly handled on Be filesystems. A local attacker could exploit this with a malformed Be filesystem and crash the system, leading to a denial of service. (CVE-2011-2928) Qianfeng Zhang discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2942) Dan Kaminsky discovered that the kernel incorrectly handled random sequence number generation. An attacker could use this flaw to possibly predict sequence numbers and inject packets. (CVE-2011-3188) Darren Lavender discovered that the CIFS client incorrectly handled certain large values. A remote attacker with a malicious server could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2011-3191) Yasuaki Ishimatsu discovered a flaw in the kernel's clock implementation. A local unprivileged attacker could exploit this causing a denial of service. (CVE-2011-3209) Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had no prefixpaths. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service. (CVE-2011-3363) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: Package Information: |
Original Source
| Url : http://www.ubuntu.com/usn/USN-1256-1 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 15 % | CWE-200 | Information Exposure |
| 12 % | CWE-476 | NULL Pointer Dereference |
| 12 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 12 % | CWE-20 | Improper Input Validation |
| 10 % | CWE-399 | Resource Management Errors |
| 7 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 7 % | CWE-362 | Race Condition |
| 7 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 5 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 2 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 2 % | CWE-682 | Incorrect Calculation |
| 2 % | CWE-193 | Off-by-one Error |
| 2 % | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 2 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:13433 | |||
| Oval ID: | oval:org.mitre.oval:def:13433 | ||
| Title: | USN-1093-1 -- linux-mvl-dove vulnerabilities | ||
| Description: | Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or exposde kernel memory, leading to a loss of privacy. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Tavis Ormandy discovered that the session keyring did not correctly check for its parent. On systems without a default session keyring, a local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Krishna Gudipati discovered that the bfa adapter driver did not correctly initialize certain structures. A local attacker could read files in /sys to crash the system, leading to a denial of service. Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. It was discovered that the ICMP stack did not correctly handle certain unreachable messages. If a remote attacker were able to acquire a socket lock, they could send specially crafted traffic that would crash the system, leading to a denial of service. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1093-1 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-2478 CVE-2010-3084 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2954 CVE-2010-2955 CVE-2010-2960 CVE-2010-2962 CVE-2010-2963 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3858 CVE-2010-3859 CVE-2010-3861 CVE-2010-3865 CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-3881 CVE-2010-4072 CVE-2010-4073 CVE-2010-4075 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4082 CVE-2010-4083 CVE-2010-4157 CVE-2010-4158 CVE-2010-4160 CVE-2010-4162 CVE-2010-4163 CVE-2010-4668 CVE-2010-4164 CVE-2010-4165 CVE-2010-4169 CVE-2010-4175 CVE-2010-4242 CVE-2010-4248 CVE-2010-4249 CVE-2010-4258 CVE-2010-4343 CVE-2010-4346 CVE-2010-4526 CVE-2010-4527 CVE-2010-4648 CVE-2010-4649 CVE-2011-1044 CVE-2010-4650 CVE-2010-4655 CVE-2010-4656 CVE-2011-0006 CVE-2011-0521 CVE-2011-0712 CVE-2011-1010 CVE-2011-1012 CVE-2011-1082 CVE-2011-1093 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | linux-mvl-dove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:14087 | |||
| Oval ID: | oval:org.mitre.oval:def:14087 | ||
| Title: | USN-1161-1 -- linux-ec2 vulnerabilities | ||
| Description: | linux-ec2: Linux kernel for EC2 Multiple kernel flaws have been fixed. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1161-1 CVE-2010-3881 CVE-2011-1017 CVE-2011-1090 CVE-2011-1163 CVE-2011-1494 CVE-2011-1495 CVE-2011-1593 CVE-2011-1598 CVE-2011-1748 CVE-2011-1745 CVE-2011-2022 CVE-2011-1746 CVE-2011-1759 CVE-2011-1770 CVE-2011-1776 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-ec2 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14248 | |||
| Oval ID: | oval:org.mitre.oval:def:14248 | ||
| Title: | DSA-2303-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process information after execution of a setuid binary. CVE-2011-1576 Ryan Sweat discovered an issue in the VLAN implementation. Local users may be able to cause a kernel memory leak, resulting in a denial of service. CVE-2011-2484 Vasiliy Kulikov of Openwall discovered that the number of exit handlers that a process can register is not capped, resulting in local denial of service through resource exhaustion. CVE-2011-2491 Vasily Averin discovered an issue with the NFS locking implementation. A malicious NFS server can cause a client to hang indefinitely in an unlock call. CVE-2011-2492 Marek Kroemeke and Filip Palian discovered that uninitialised struct elements in the Bluetooth subsystem could lead to a leak of sensitive kernel memory through leaked stack memory. CVE-2011-2495 Vasiliy Kulikov of Openwall discovered that the io file of a process" proc directory was world-readable, resulting in local information disclosure of information such as password lengths. CVE-2011-2496 Robert Swiecki discovered that mremap could be abused for local denial of service by triggering a BUG_ON assert. CVE-2011-2497 Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2517 It was discovered that the netlink-based wireless configuration interface performed insufficient length validation when parsing SSIDs, resulting in buffer overflows. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-2525 Ben Pfaff reported an issue in the network scheduling code. A local user could cause a denial of service by sending a specially crafted netlink message. CVE-2011-2700 Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the driver for the Si4713 FM Radio Transmitter driver used by N900 devices. Local users could exploit this issue to cause a denial of service or potentially gain elevated privileges. CVE-2011-2723 Brent Meshier reported an issue in the GRO implementation. This can be exploited by remote users to create a denial of service in certain network device configurations. CVE-2011-2905 Christian Ohm discovered that the "perf" analysis tool searches for its config files in the current working directory. This could lead to denial of service or potential privilege escalation if a user with elevated privileges is tricked into running "perf" in a directory under the control of the attacker. CVE-2011-2909 Vasiliy Kulikov of Openwall discovered that a programming error in the Comedi driver could lead to the information disclosure through leaked stack memory. CVE-2011-2918 Vince Weaver discovered that incorrect handling of software event overflows in the "perf" analysis tool could lead to local denial of service. CVE-2011-2928 Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted. CVE-2011-3188 Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session. CVE-2011-3191 Darren Lavender reported an issue in the Common Internet File System. A malicious file server could cause memory corruption leading to a denial of service. This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768 | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2303-1 CVE-2011-1020 CVE-2011-1576 CVE-2011-2484 CVE-2011-2491 CVE-2011-2492 CVE-2011-2495 CVE-2011-2496 CVE-2011-2497 CVE-2011-2517 CVE-2011-2525 CVE-2011-2700 CVE-2011-2723 CVE-2011-2905 CVE-2011-2909 CVE-2011-2918 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191 CVE-2011-1768 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14257 | |||
| Oval ID: | oval:org.mitre.oval:def:14257 | ||
| Title: | DSA-2310-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4067 Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the auerswald module, a driver for Auerswald PBX/System Telephone USB devices. Attackers with physical access to a system's USB ports could obtain elevated privileges using a specially crafted USB device. CVE-2011-0712 Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the caiaq module, a USB driver for Native Instruments USB audio devices. Attackers with physical access to a system's USB ports could obtain elevated privileges using a specially crafted USB device. CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process information after execution of a setuid binary. CVE-2011-2209 Dan Rosenberg discovered an issue in the osf_sysinfo system call on the alpha architecture. Local users could obtain access to sensitive kernel memory. CVE-2011-2211 Dan Rosenberg discovered an issue in the osf_wait4 system call on the alpha architecture permitting local users to gain elevated privileges. CVE-2011-2213 Dan Rosenberg discovered an issue in the INET socket monitoring interface. Local users could cause a denial of service by injecting code and causing the kernel to execute an infinite loop. CVE-2011-2484 Vasiliy Kulikov of Openwall discovered that the number of exit handlers that a process can register is not capped, resulting in local denial of service through resource exhaustion. CVE-2011-2491 Vasily Averin discovered an issue with the NFS locking implementation. A malicious NFS server can cause a client to hang indefinitely in an unlock call. CVE-2011-2492 Marek Kroemeke and Filip Palian discovered that uninitialised struct elements in the Bluetooth subsystem could lead to a leak of sensitive kernel memory through leaked stack memory. CVE-2011-2495 Vasiliy Kulikov of Openwall discovered that the io file of a process" proc directory was world-readable, resulting in local information disclosure of information such as password lengths. CVE-2011-2496 Robert Swiecki discovered that mremap could be abused for local denial of service by triggering a BUG_ON assert. CVE-2011-2497 Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2525 Ben Pfaff reported an issue in the network scheduling code. A local user could cause a denial of service by sending a specially crafted netlink message. CVE-2011-2928 Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted. CVE-2011-3188 Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session. CVE-2011-3191 Darren Lavender reported an issue in the Common Internet File System. A malicious file server could cause memory corruption leading to a denial of service. This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768 | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2310-1 CVE-2009-4067 CVE-2011-0712 CVE-2011-1020 CVE-2011-2209 CVE-2011-2211 CVE-2011-2213 CVE-2011-2484 CVE-2011-2491 CVE-2011-2492 CVE-2011-2495 CVE-2011-2496 CVE-2011-2497 CVE-2011-2525 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191 CVE-2011-1768 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14747 | |||
| Oval ID: | oval:org.mitre.oval:def:14747 | ||
| Title: | USN-1269-1 -- Linux kernel (EC2) vulnerabilities | ||
| Description: | linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1269-1 CVE-2011-2491 CVE-2011-2496 CVE-2011-2517 CVE-2011-2525 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14846 | |||
| Oval ID: | oval:org.mitre.oval:def:14846 | ||
| Title: | USN-1271-1 -- Linux kernel (i.MX51) vulnerabilities | ||
| Description: | linux-fsl-imx51: Linux kernel for IMX51 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1271-1 CVE-2011-1585 CVE-2011-1767 CVE-2011-1768 CVE-2011-2491 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14888 | |||
| Oval ID: | oval:org.mitre.oval:def:14888 | ||
| Title: | DSA-2303-2 linux-2.6 -- privilege escalation/denial of service/information leak | ||
| Description: | The linux-2.6 and user-mode-linux upgrades from DSA-2303-1 has caused a regression that can result in an oops during invalid accesses to /proc/<pid>/maps files. The text of the original advisory is reproduced for reference: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process information after execution of a setuid binary. CVE-2011-1576 Ryan Sweat discovered an issue in the VLAN implementation. Local users may be able to cause a kernel memory leak, resulting in a denial of service. CVE-2011-2484 Vasiliy Kulikov of Openwall discovered that the number of exit handlers that a process can register is not capped, resulting in local denial of service through resource exhaustion. CVE-2011-2491 Vasily Averin discovered an issue with the NFS locking implementation. A malicious NFS server can cause a client to hang indefinitely in an unlock call. CVE-2011-2492 Marek Kroemeke and Filip Palian discovered that uninitialised struct elements in the Bluetooth subsystem could lead to a leak of sensitive kernel memory through leaked stack memory. CVE-2011-2495 Vasiliy Kulikov of Openwall discovered that the io file of a process" proc directory was world-readable, resulting in local information disclosure of information such as password lengths. CVE-2011-2496 Robert Swiecki discovered that mremap could be abused for local denial of service by triggering a BUG_ON assert. CVE-2011-2497 Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem, which could lead to denial of service or privilege escalation. CVE-2011-2517 It was discovered that the netlink-based wireless configuration interface performed insufficient length validation when parsing SSIDs, resulting in buffer overflows. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-2525 Ben Pfaff reported an issue in the network scheduling code. A local user could cause a denial of service by sending a specially crafted netlink message. CVE-2011-2700 Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the driver for the Si4713 FM Radio Transmitter driver used by N900 devices. Local users could exploit this issue to cause a denial of service or potentially gain elevated privileges. CVE-2011-2723 Brent Meshier reported an issue in the GRO implementation. This can be exploited by remote users to create a denial of service in certain network device configurations. CVE-2011-2905 Christian Ohm discovered that the "perf" analysis tool searches for its config files in the current working directory. This could lead to denial of service or potential privilege escalation if a user with elevated privileges is tricked into running "perf" in a directory under the control of the attacker. CVE-2011-2909 Vasiliy Kulikov of Openwall discovered that a programming error in the Comedi driver could lead to the information disclosure through leaked stack memory. CVE-2011-2918 Vince Weaver discovered that incorrect handling of software event overflows in the "perf" analysis tool could lead to local denial of service. CVE-2011-2928 Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted. CVE-2011-3188 Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session. CVE-2011-3191 Darren Lavender reported an issue in the Common Internet File System. A malicious file server could cause memory corruption leading to a denial of service. This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768 | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2303-2 CVE-2011-1020 CVE-2011-1576 CVE-2011-2484 CVE-2011-2491 CVE-2011-2492 CVE-2011-2495 CVE-2011-2496 CVE-2011-2497 CVE-2011-2517 CVE-2011-2525 CVE-2011-2700 CVE-2011-2723 CVE-2011-2905 CVE-2011-2909 CVE-2011-2918 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191 CVE-2011-1768 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:14986 | |||
| Oval ID: | oval:org.mitre.oval:def:14986 | ||
| Title: | USN-1274-1 -- Linux kernel (Marvell DOVE) vulnerabilities | ||
| Description: | linux-mvl-dove: Linux kernel for DOVE Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1274-1 CVE-2011-2491 CVE-2011-2496 CVE-2011-2517 CVE-2011-2525 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15037 | |||
| Oval ID: | oval:org.mitre.oval:def:15037 | ||
| Title: | USN-1281-1 -- Linux (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1281-1 CVE-2011-2183 CVE-2011-2479 CVE-2011-2491 CVE-2011-2494 CVE-2011-2495 CVE-2011-2496 CVE-2011-2517 CVE-2011-2905 CVE-2011-2909 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15043 | |||
| Oval ID: | oval:org.mitre.oval:def:15043 | ||
| Title: | USN-1280-1 -- Linux (OMAP4) vulnerabilities | ||
| Description: | linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1280-1 CVE-2011-1585 CVE-2011-2496 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | Linux |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:15056 | |||
| Oval ID: | oval:org.mitre.oval:def:15056 | ||
| Title: | USN-1278-1 -- Linux (Maverick backport) vulnerabilities | ||
| Description: | linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1278-1 CVE-2011-1585 CVE-2011-2183 CVE-2011-2491 CVE-2011-2496 CVE-2011-2517 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15251 | |||
| Oval ID: | oval:org.mitre.oval:def:15251 | ||
| Title: | USN-1279-1 -- Linux (Natty backport) vulnerabilities | ||
| Description: | linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1279-1 CVE-2011-2183 CVE-2011-2491 CVE-2011-2494 CVE-2011-2495 CVE-2011-2517 CVE-2011-2905 CVE-2011-2909 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:15448 | |||
| Oval ID: | oval:org.mitre.oval:def:15448 | ||
| Title: | USN-1205-1 -- Linux kernel (Maverick backport) vulnerabilities | ||
| Description: | linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1205-1 CVE-2011-1020 CVE-2011-1493 CVE-2011-1770 CVE-2011-2484 CVE-2011-2492 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | Linux |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19309 | |||
| Oval ID: | oval:org.mitre.oval:def:19309 | ||
| Title: | CRITICAL PATCH UPDATE JULY 2012 | ||
| Description: | The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2699 | Version: | 3 |
| Platform(s): | Sun Solaris 10 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19627 | |||
| Oval ID: | oval:org.mitre.oval:def:19627 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1478 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19779 | |||
| Oval ID: | oval:org.mitre.oval:def:19779 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2484 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20158 | |||
| Oval ID: | oval:org.mitre.oval:def:20158 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3209 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20192 | |||
| Oval ID: | oval:org.mitre.oval:def:20192 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2689 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20253 | |||
| Oval ID: | oval:org.mitre.oval:def:20253 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3188 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20258 | |||
| Oval ID: | oval:org.mitre.oval:def:20258 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2495 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20305 | |||
| Oval ID: | oval:org.mitre.oval:def:20305 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1573 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20403 | |||
| Oval ID: | oval:org.mitre.oval:def:20403 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2491 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20425 | |||
| Oval ID: | oval:org.mitre.oval:def:20425 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2492 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20485 | |||
| Oval ID: | oval:org.mitre.oval:def:20485 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1776 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20567 | |||
| Oval ID: | oval:org.mitre.oval:def:20567 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1080 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20573 | |||
| Oval ID: | oval:org.mitre.oval:def:20573 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1577 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20576 | |||
| Oval ID: | oval:org.mitre.oval:def:20576 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2517 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20613 | |||
| Oval ID: | oval:org.mitre.oval:def:20613 | ||
| Title: | VMware ESXi and ESX address several security issues | ||
| Description: | Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3191 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20615 | |||
| Oval ID: | oval:org.mitre.oval:def:20615 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The Generic Receive Offload (GRO) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5 and 2.6.32 on Red Hat Enterprise Linux 6, as used in Red Hat Enterprise Virtualization (RHEV) Hypervisor and other products, allows remote attackers to cause a denial of service via crafted VLAN packets that are processed by the napi_reuse_skb function, leading to (1) a memory leak or (2) memory corruption, a different vulnerability than CVE-2011-1478. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1576 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20617 | |||
| Oval ID: | oval:org.mitre.oval:def:20617 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-3363 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20640 | |||
| Oval ID: | oval:org.mitre.oval:def:20640 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1079 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20664 | |||
| Oval ID: | oval:org.mitre.oval:def:20664 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1833 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20671 | |||
| Oval ID: | oval:org.mitre.oval:def:20671 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2525 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20672 | |||
| Oval ID: | oval:org.mitre.oval:def:20672 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2213 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20694 | |||
| Oval ID: | oval:org.mitre.oval:def:20694 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2496 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20695 | |||
| Oval ID: | oval:org.mitre.oval:def:20695 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1078 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20697 | |||
| Oval ID: | oval:org.mitre.oval:def:20697 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1093 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20720 | |||
| Oval ID: | oval:org.mitre.oval:def:20720 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-2699 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20728 | |||
| Oval ID: | oval:org.mitre.oval:def:20728 | ||
| Title: | VMware vSphere and vCOps updates to third party libraries | ||
| Description: | The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1020 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20777 | |||
| Oval ID: | oval:org.mitre.oval:def:20777 | ||
| Title: | USN-1242-1 -- linux-lts-backport-maverick vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1242-1 CVE-2010-4250 CVE-2011-1479 CVE-2011-2494 CVE-2011-2495 CVE-2011-2695 CVE-2011-2905 CVE-2011-2909 CVE-2011-3188 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-lts-backport-maverick |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20812 | |||
| Oval ID: | oval:org.mitre.oval:def:20812 | ||
| Title: | USN-1228-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1228-1 CVE-2011-1776 CVE-2011-2213 CVE-2011-2497 CVE-2011-2695 CVE-2011-2700 CVE-2011-2723 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191 | Version: | 5 |
| Platform(s): | Ubuntu 11.04 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:20867 | |||
| Oval ID: | oval:org.mitre.oval:def:20867 | ||
| Title: | USN-1244-1 -- linux-ti-omap4 vulnerabilities | ||
| Description: | Several security issues were fixed in the kernel. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1244-1 CVE-2010-3873 CVE-2011-2183 CVE-2011-2491 CVE-2011-2494 CVE-2011-2495 CVE-2011-2517 CVE-2011-2695 CVE-2011-2905 CVE-2011-2909 CVE-2011-3363 | Version: | 5 |
| Platform(s): | Ubuntu 10.10 | Product(s): | linux-ti-omap4 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:21936 | |||
| Oval ID: | oval:org.mitre.oval:def:21936 | ||
| Title: | RHSA-2011:1065: Red Hat Enterprise Linux 5.7 kernel security and bug fix update (Important) | ||
| Description: | The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:1065-01 CESA-2011:1065 CVE-2011-1780 CVE-2011-2525 CVE-2011-2689 | Version: | 42 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27552 | |||
| Oval ID: | oval:org.mitre.oval:def:27552 | ||
| Title: | DEPRECATED: ELSA-2011-0836 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.32-131.2.1.el6] - [kernel] lib/vsprintf.c: add %pU to print UUID/GUIDs (Frantisek Hrbata) [704280 700299] - [scsi] megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [704601 619422] [2.6.32-131.1.1.el6] - [net] dccp: handle invalid feature options length (Jiri Pirko) [703012 703013] {CVE-2011-1770} - [fs] cifs: check for private_data before trying to put it (Jeff Layton) [703017 702642] {CVE-2011-1771} - [net] can: add missing socket check in can/raw and can/bcm release (Jiri Pirko) [698482 698483] {CVE-2011-1748 CVE-2011-1598} - [netdrv] ixgbe: do not clear FCoE DDP error status for received ABTS (Andy Gospodarek) [704011 695966] - [netdrv] ixgbe: DCB remove ixgbe_fcoe_getapp routine (Andy Gospodarek) [704002 694358] - [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645228 645229] {CVE-2010-3858} - [scsi] bfa: change tech-preview to cover all cases (Rob Evers) [704014 703251] - [scsi] bfa: driver version update (Rob Evers) [704282 703265] - [scsi] bfa: kdump fix (Rob Evers) [704282 703265] - [scsi] bfa: firmware download fix (Rob Evers) [704282 703265] - [netdrv] bna: fix memory leak during RX path cleanup (Ivan Vecera) [704000 698625] - [netdrv] bna: fix for clean fw re-initialization (Ivan Vecera) [704000 698625] - [scsi] ipr: improve interrupt service routine performance (Steve Best) [704009 696754] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0836 CVE-2010-3858 CVE-2011-1598 CVE-2011-1748 CVE-2011-1770 CVE-2011-1771 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27734 | |||
| Oval ID: | oval:org.mitre.oval:def:27734 | ||
| Title: | DEPRECATED: ELSA-2011-0928 -- kernel security and bug fix update (moderate) | ||
| Description: | [2.6.32-131.6.1.el6] - [audit] ia32entry.S sign extend error codes when calling 64 bit code (Eric Paris) [713831 703935] - [audit] push audit success and retcode into arch ptrace.h (Eric Paris) [713831 703935] - [x86] intel-iommu: Flush unmaps at domain_exit (Alex Williamson) [713458 705441] - [x86] intel-iommu: Only unlink device domains from iommu (Alex Williamson) [713458 705441] - [virt] x86: Mask out unsupported CPUID features if running on xen (Igor Mammedov) [711546 703055] - [block] fix accounting bug on cross partition merges (Jerome Marchand) [682989 669363] - [net] vlan: remove multiqueue ability from vlan device (Neil Horman) [713494 703245] - [net] Fix netif_set_real_num_tx_queues (Neil Horman) [713492 702742] - [scsi] mpt2sas: move event handling of MPT2SAS_TURN_ON_FAULT_LED in process context (Tomas Henzl) [714190 701951] - [mm] thp: simple fix for /dev/zero THP mprotect bug (Andrea Arcangeli) [714762 690444] [2.6.32-131.5.1.el6] - [kernel] cgroupfs: use init_cred when populating new cgroupfs mount (Eric Paris) [713135 700538] - [netdrv] ixgbe: adding FdirMode module option (Andy Gospodarek) [711550 707287] - [crypto] testmgr: add xts-aes-256 self-test (Jarod Wilson) [711548 706167] - [fs] ext3: Fix lost extented attributes for inode with ino == 11 (Eric Sandeen) [712413 662666] - [mm] Prevent Disk IO throughput degradation due to memory allocation stalls (Larry Woodman) [711540 679526] - [net] sock: adjust prot->obj_size always (Jiri Pirko) [709381 704231] - [fs] GFS2: resource group bitmap corruption resulting in panics and withdraws (Robert S Peterson) [711528 702057] - [x86] kprobes: Disable irqs during optimized callback (Jiri Olsa) [711545 699865] - [mm] slab, kmemleak: pass the correct pointer to kmemleak_erase() (Steve Best) [712414 698023] - [net] fix netns vs proto registration ordering (Wade Mealing) [702305 702306] {CVE-2011-1767 CVE-2011-1768} - [ppc] Fix oops if scan_dispatch_log is called too early (Steve Best) [711524 696777] - [virt] i8259: initialize isr_ack (Avi Kivity) [711520 670765] - [virt] VMX: Save and restore tr selector across mode switches (Gleb Natapov) [711535 693894] - [virt] VMX: update live TR selector if it changes in real mode (Gleb Natapov) [711535 693894] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0928 CVE-2011-1767 CVE-2011-1768 CVE-2011-2479 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27865 | |||
| Oval ID: | oval:org.mitre.oval:def:27865 | ||
| Title: | DEPRECATED: ELSA-2011-0927 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.18-238.19.1.0.1.el5] - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0927 CVE-2010-4649 CVE-2011-0695 CVE-2011-0711 CVE-2011-1044 CVE-2011-1182 CVE-2011-1573 CVE-2011-1576 CVE-2011-1593 CVE-2011-1745 CVE-2011-1746 CVE-2011-1776 CVE-2011-1936 CVE-2011-2022 CVE-2011-2213 CVE-2011-2492 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28004 | |||
| Oval ID: | oval:org.mitre.oval:def:28004 | ||
| Title: | ELSA-2011-2015 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | [2.6.32-100.28.15.el6] - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set {CVE-2011-1573} - dccp: fix oops on Reset after close {CVE-2011-1093} - bridge: netfilter: fix information leak {CVE-2011-1080} - Bluetooth: bnep: fix buffer overflow {CVE-2011-1079} - net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules {CVE-2011-1019} - ipip: add module alias for tunl0 tunnel device - gre: add module alias for gre0 tunnel device - drm/radeon/kms: check AA resolve registers on r300 {CVE-2011-1016} - drm/radeon: fix regression with AA resolve checking {CVE-2011-1016} - drm: fix unsigned vs signed comparison issue in modeset ctl ioctl {CVE-2011-1013} - proc: protect mm start_code/end_code in /proc/pid/stat {CVE-2011-0726} - ALSA: caiaq - Fix possible string-buffer overflow {CVE-2011-0712} - xfs: zero proper structure size for geometry calls {CVE-2011-0711} - xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 {CVE-2011-0711} - ima: fix add LSM rule bug {CVE-2011-0006} - IB/uverbs: Handle large number of entries in poll CQ {CVE-2010-4649, CVE-2011-1044} - CAN: Use inode instead of kernel address for /proc file {CVE-2010-4565} [2.6.32-100.28.14.el6] - IB/qib: fix qib compile warning. - IB/core: Allow device-specific per-port sysfs files. - dm crypt: add plain64 iv. - firmware: add firmware for qib. - Infiniband: Add QLogic PCIe QLE InfiniBand host channel adapters support. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-2015 CVE-2010-4565 CVE-2010-4649 CVE-2011-0006 CVE-2011-0711 CVE-2011-0712 CVE-2011-0726 CVE-2011-1013 CVE-2011-1016 CVE-2011-1019 CVE-2011-1044 CVE-2011-1079 CVE-2011-1080 CVE-2011-1093 CVE-2011-1573 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28005 | |||
| Oval ID: | oval:org.mitre.oval:def:28005 | ||
| Title: | ELSA-2011-2014 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | [2.6.32-100.28.11.el6] - fs/partitions: Validate map_count in Mac partition tables {CVE-2011-1010} - nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3) {CVE-2011-1090} [2.6.32-100.28.10.el6] - Use cciss for some Smart Array controller for OL5 [orabug 11899706] - CVEs from RHSA-2011-0421 - install_special_mapping skips security_file_mmap check {CVE-2010-4346} - orinoco: fix TKIP countermeasure behaviour {CVE-2010-4648} - net: clear heap allocation for ethtool_get_regs() {CVE-2010-4655} - usb: iowarrior: don't trust report_size for buffer size {CVE-2010-4656} - [media] [v3,media] av7110: check for negative array offset {CVE-2011-0521} - RDMA/cma: Fix crash in request handlers {CVE-2011-0695} - IB/cm: Bump reference count on cm_id before invoking callback {CVE-2011-0695} - gro: reset skb_iif on reuse {CVE-2011-1478} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-2014 CVE-2010-4346 CVE-2010-4648 CVE-2010-4655 CVE-2010-4656 CVE-2011-0521 CVE-2011-0695 CVE-2011-1010 CVE-2011-1090 CVE-2011-1478 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28175 | |||
| Oval ID: | oval:org.mitre.oval:def:28175 | ||
| Title: | DEPRECATED: ELSA-2011-0429 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.18-238.9.1.0.1.el5] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0429 CVE-2010-4346 CVE-2011-0521 CVE-2011-0710 CVE-2011-1010 CVE-2011-1090 CVE-2011-1478 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2389-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2389_1.nasl |
| 2013-09-18 | Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ... File : nvt/deb_2443_1.nasl |
| 2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
| 2012-08-17 | Name : CentOS Update for kernel CESA-2012:1156 centos6 File : nvt/gb_CESA-2012_1156_kernel_centos6.nasl |
| 2012-08-17 | Name : RedHat Update for kernel RHSA-2012:1156-01 File : nvt/gb_RHSA-2012_1156-01_kernel.nasl |
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel) File : nvt/gb_suse_2012_0206_1.nasl |
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel) File : nvt/gb_suse_2012_0236_1.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64 File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64 File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64 File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1065 centos5 x86_64 File : nvt/gb_CESA-2011_1065_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1212 centos5 x86_64 File : nvt/gb_CESA-2011_1212_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 x86_64 File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:1479 centos5 x86_64 File : nvt/gb_CESA-2011_1479_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2012:0007 centos5 File : nvt/gb_CESA-2012_0007_kernel_centos5.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1189-01 File : nvt/gb_RHSA-2011_1189-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1350-01 File : nvt/gb_RHSA-2011_1350-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
| 2012-07-09 | Name : RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2011:1530-03 File : nvt/gb_RHSA-2011_1530-03_Red_Hat_Enterprise_Linux_6_kernel.nasl |
| 2012-06-25 | Name : Fedora Update for kernel FEDORA-2012-8931 File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0498-01 File : nvt/gb_RHSA-2011_0498-01_kernel.nasl |
| 2012-06-06 | Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01 File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0836-01 File : nvt/gb_RHSA-2011_0836-01_kernel.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0928-01 File : nvt/gb_RHSA-2011_0928-01_kernel.nasl |
| 2012-05-17 | Name : Fedora Update for kernel FEDORA-2012-7594 File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl |
| 2012-04-26 | Name : Fedora Update for kernel FEDORA-2012-6406 File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl |
| 2012-04-02 | Name : VMSA-2012-0006 VMware ESXi and ESX address several security issues File : nvt/gb_VMSA-2012-0006.nasl |
| 2012-04-02 | Name : Fedora Update for kernel FEDORA-2011-12823 File : nvt/gb_fedora_2011_12823_kernel_fc16.nasl |
| 2012-03-29 | Name : Fedora Update for kernel FEDORA-2012-3715 File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl |
| 2012-03-19 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-10671 File : nvt/gb_fedora_2011_10671_ecryptfs-utils_fc16.nasl |
| 2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
| 2012-03-16 | Name : Fedora Update for kernel FEDORA-2012-3356 File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl |
| 2012-03-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1260-1 File : nvt/gb_ubuntu_USN_1260_1.nasl |
| 2012-03-16 | Name : Ubuntu Update for linux USN-1275-1 File : nvt/gb_ubuntu_USN_1275_1.nasl |
| 2012-03-15 | Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser... File : nvt/gb_VMSA-2012-0001.nasl |
| 2012-03-09 | Name : Ubuntu Update for linux-ti-omap4 USN-1394-1 File : nvt/gb_ubuntu_USN_1394_1.nasl |
| 2012-03-07 | Name : Fedora Update for kernel FEDORA-2012-2753 File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl |
| 2012-02-13 | Name : Fedora Update for kernel FEDORA-2012-1503 File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl |
| 2012-01-25 | Name : Fedora Update for kernel FEDORA-2012-0861 File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl |
| 2012-01-16 | Name : Fedora Update for kernel FEDORA-2012-0492 File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl |
| 2012-01-13 | Name : RedHat Update for kernel RHSA-2012:0007-01 File : nvt/gb_RHSA-2012_0007-01_kernel.nasl |
| 2011-12-12 | Name : Fedora Update for kernel FEDORA-2011-16621 File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl |
| 2011-12-09 | Name : Ubuntu Update for linux-lts-backport-oneiric USN-1294-1 File : nvt/gb_ubuntu_USN_1294_1.nasl |
| 2011-12-05 | Name : Ubuntu Update for linux USN-1286-1 File : nvt/gb_ubuntu_USN_1286_1.nasl |
| 2011-12-02 | Name : CentOS Update for kernel CESA-2011:1479 centos5 i386 File : nvt/gb_CESA-2011_1479_kernel_centos5_i386.nasl |
| 2011-12-02 | Name : RedHat Update for kernel RHSA-2011:1479-01 File : nvt/gb_RHSA-2011_1479-01_kernel.nasl |
| 2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
| 2011-12-02 | Name : Ubuntu Update for linux USN-1285-1 File : nvt/gb_ubuntu_USN_1285_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux USN-1268-1 File : nvt/gb_ubuntu_USN_1268_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-ec2 USN-1269-1 File : nvt/gb_ubuntu_USN_1269_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-fsl-imx51 USN-1271-1 File : nvt/gb_ubuntu_USN_1271_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux USN-1272-1 File : nvt/gb_ubuntu_USN_1272_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-mvl-dove USN-1274-1 File : nvt/gb_ubuntu_USN_1274_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1278-1 File : nvt/gb_ubuntu_USN_1278_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-lts-backport-natty USN-1279-1 File : nvt/gb_ubuntu_USN_1279_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-ti-omap4 USN-1280-1 File : nvt/gb_ubuntu_USN_1280_1.nasl |
| 2011-11-25 | Name : Ubuntu Update for linux-ti-omap4 USN-1281-1 File : nvt/gb_ubuntu_USN_1281_1.nasl |
| 2011-11-18 | Name : Fedora Update for kernel FEDORA-2011-15856 File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux USN-1253-1 File : nvt/gb_ubuntu_USN_1253_1.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
| 2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
| 2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-ec2 USN-1239-1 File : nvt/gb_ubuntu_USN_1239_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1240-1 File : nvt/gb_ubuntu_USN_1240_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1 File : nvt/gb_ubuntu_USN_1241_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1 File : nvt/gb_ubuntu_USN_1242_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux USN-1243-1 File : nvt/gb_ubuntu_USN_1243_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-ti-omap4 USN-1244-1 File : nvt/gb_ubuntu_USN_1244_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1245-1 File : nvt/gb_ubuntu_USN_1245_1.nasl |
| 2011-10-31 | Name : Ubuntu Update for linux USN-1246-1 File : nvt/gb_ubuntu_USN_1246_1.nasl |
| 2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
| 2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
| 2011-10-21 | Name : Ubuntu Update for linux USN-1236-1 File : nvt/gb_ubuntu_USN_1236_1.nasl |
| 2011-10-14 | Name : Ubuntu Update for linux USN-1227-1 File : nvt/gb_ubuntu_USN_1227_1.nasl |
| 2011-10-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1228-1 File : nvt/gb_ubuntu_USN_1228_1.nasl |
| 2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
| 2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-13809 File : nvt/gb_fedora_2011_13809_kernel_fc15.nasl |
| 2011-10-10 | Name : Ubuntu Update for linux USN-1225-1 File : nvt/gb_ubuntu_USN_1225_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1 File : nvt/gb_ubuntu_USN_1219_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ti-omap4 USN-1220-1 File : nvt/gb_ubuntu_USN_1220_1.nasl |
| 2011-09-23 | Name : CentOS Update for kernel CESA-2011:1065 centos5 i386 File : nvt/gb_CESA-2011_1065_kernel_centos5_i386.nasl |
| 2011-09-23 | Name : CentOS Update for kernel CESA-2011:1212 centos5 i386 File : nvt/gb_CESA-2011_1212_kernel_centos5_i386.nasl |
| 2011-09-23 | Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386 File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl |
| 2011-09-23 | Name : RedHat Update for kernel RHSA-2011:1321-01 File : nvt/gb_RHSA-2011_1321-01_kernel.nasl |
| 2011-09-23 | Name : Ubuntu Update for linux USN-1211-1 File : nvt/gb_ubuntu_USN_1211_1.nasl |
| 2011-09-23 | Name : Ubuntu Update for linux-ti-omap4 USN-1212-1 File : nvt/gb_ubuntu_USN_1212_1.nasl |
| 2011-09-16 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-11936 File : nvt/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl |
| 2011-09-16 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-11979 File : nvt/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux USN-1201-1 File : nvt/gb_ubuntu_USN_1201_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1205-1 File : nvt/gb_ubuntu_USN_1205_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
| 2011-09-12 | Name : RedHat Update for kernel RHSA-2011:1212-01 File : nvt/gb_RHSA-2011_1212-01_kernel.nasl |
| 2011-09-07 | Name : RedHat Update for ecryptfs-utils RHSA-2011:1241-01 File : nvt/gb_RHSA-2011_1241-01_ecryptfs-utils.nasl |
| 2011-09-07 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-10718 File : nvt/gb_fedora_2011_10718_ecryptfs-utils_fc14.nasl |
| 2011-09-07 | Name : Fedora Update for ecryptfs-utils FEDORA-2011-10733 File : nvt/gb_fedora_2011_10733_ecryptfs-utils_fc15.nasl |
| 2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
| 2011-08-24 | Name : Ubuntu Update for linux USN-1189-1 File : nvt/gb_ubuntu_USN_1189_1.nasl |
| 2011-08-24 | Name : Ubuntu Update for linux USN-1193-1 File : nvt/gb_ubuntu_USN_1193_1.nasl |
| 2011-08-19 | Name : RedHat Update for kernel RHSA-2011:1163-01 File : nvt/gb_RHSA-2011_1163-01_kernel.nasl |
| 2011-08-19 | Name : Fedora Update for kernel FEDORA-2011-11019 File : nvt/gb_fedora_2011_11019_kernel_fc15.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1183-1 File : nvt/gb_ubuntu_USN_1183_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for ecryptfs-utils USN-1188-1 File : nvt/gb_ubuntu_USN_1188_1.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0429 centos5 i386 File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0833 centos5 i386 File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0927 centos5 i386 File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
| 2011-07-22 | Name : RedHat Update for Red Hat Enterprise Linux 5.7 kernel RHSA-2011:1065-01 File : nvt/gb_RHSA-2011_1065-01_Red_Hat_Enterprise_Linux_5.7_kernel.nasl |
| 2011-07-18 | Name : RedHat Update for kernel RHSA-2011:0927-01 File : nvt/gb_RHSA-2011_0927-01_kernel.nasl |
| 2011-07-18 | Name : Fedora Update for kernel FEDORA-2011-9130 File : nvt/gb_fedora_2011_9130_kernel_fc15.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
| 2011-07-12 | Name : Fedora Update for kernel FEDORA-2011-7823 File : nvt/gb_fedora_2011_7823_kernel_fc15.nasl |
| 2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
| 2011-06-06 | Name : RedHat Update for kernel RHSA-2011:0833-01 File : nvt/gb_RHSA-2011_0833-01_kernel.nasl |
| 2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
| 2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
| 2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
| 2011-04-19 | Name : RedHat Update for kernel RHSA-2011:0429-01 File : nvt/gb_RHSA-2011_0429-01_kernel.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 77684 | Linux Kernel OMAP4 Bridge Networking Interface Network Packet Parsing Remote DoS |
| 77355 | Linux Kernel clock_gettime() Call Parsing Local DoS |
| 76796 | Linux Kernel taskstats Access Restriction Weakness Local Information Disclosure |
| 75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
| 75580 | Linux Kernel CIFS Share Mounting DIFS Referral BUG_ON() Remote DoS |
| 74910 | Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ... |
| 74882 | Linux Kernel comedi Driver Unspecified Local Information Disclosure |
| 74881 | Linux Kernel si4713-i2c si4713_write_econtrol_string Function Radio Driver Lo... |
| 74879 | Red Hat ecryptfs-utils mount.ecryptfs_private Arbitrary Directory Mount Local... |
| 74823 | Linux Kernel fs/befs/linuxvfs.c befs_follow_link Function Be Filesystem Symli... |
| 74680 | Linux Kernel KSM Implementation ksmd / Exiting Task Race Condition |
| 74679 | Linux Kernel Bluetooth net/bluetooth/l2cap_core.c l2cap_config_req Function O... |
| 74678 | Linux Kernel IPv6 Fragment Identification Prediction Weakness |
| 74677 | Linux Kernel Malformed EXT4 Filesystem Mounting Local DoS |
| 74676 | Linux Kernel /proc/PID/io Interface Cross Session User Information Disclosure |
| 74661 | Linux Kernel mount.cifs Password Protected Mounted CIFS Share Hijacking Weakness |
| 74660 | Linux Kernel NFS Server File Locking Local DoS |
| 74659 | Linux Kernel mremap() Wrapping Condition Weakness |
| 74658 | Linux Kernel trigger_scan / sched_scan SSID Length Handling Bypass |
| 74657 | Linux Kernel Packet Scheduler API Implementation tc_fill_qdisc() Function NUL... |
| 74655 | Linux Kernel napi_reuse_skb() Function Crafted VLAN Packet Handling Remote DoS |
| 74654 | Linux Kernel EFI GUID Partition Table (GPT) Implementation Crafted Partition ... |
| 74653 | Linux Kernel net/ipv4/inet_diag.c inet_diag_bc_audit() Function Local DoS |
| 74652 | Linux Kernel ip_gre Module ipgre_init() Function Namespaces Setup Race Condit... |
| 74651 | Linux Kernel ipip Module ipip_init() Function Namespaces Setup Race Condition... |
| 74650 | Linux Kernel sco_sock_getsockopt() Function Local Memory Disclosure |
| 74645 | Linux Kernel Common Internet File System (CIFS) Implementation cifs_close() F... |
| 74644 | Linux Kernel inotify_init() System Call Group Leak Exhaustion Local DoS |
| 74642 | Linux Kernel do_replace() Function CAP_NET_ADMIN Capability Local Information... |
| 74640 | Linux Kernel TPM Devices Arbitrary Kernel Memory Disclosure |
| 74639 | Linux Kernel IrDA Module Peer name / attribute Handling Local Memory Corruption |
| 74636 | Linux Kernel FAC_NATIONAL_DIGIS digipeater Handling Remote Heap Corruption |
| 74635 | Linux Kernel AARESOLVE_OFFSET Memory Overwrite Local Privilege Escalation |
| 74634 | Linux Kernel perf Configuration Loading Path Subversion Local Privilege Escal... |
| 74633 | Linux Kernel inotify_init1() Double-free Local DoS |
| 74624 | Linux Kernel Event Overflows Local DoS |
| 74138 | Linux Kernel GRO include/linux/netdevice.h skb_gro_header_slow() Function Rem... |
| 74123 | Linux Kernel ext4 Subsystem Extent Format Sparse File Off-by-one Local DoS |
| 73882 | Linux Kernel DCCP net/dccp/input.c dccp_rcv_state_process Function CLOSED End... |
| 73802 | Linux Kernel fs/gfs2/file.c GFS2 gfs2_fallocate() Function Local DoS |
| 73460 | Linux Kernel Bluetooth net/bluetooth/rfcomm/sock.c rfcomm_sock_getsockopt_old... |
| 73459 | Linux Kernel Bluetooth net/bluetooth/l2cap_sock.c l2cap_sock_getsockopt_old()... |
| 73451 | Linux Kernel kernel/taskstats.c add_del_listener Function Exit Handler Regist... |
| 73237 | Linux Kernel mm/huge_memory.c Transparent Hugepage (THP) MADV_HUGEPAGE DoS |
| 73054 | Linux Kernel drivers/net/bonding/bond_main.c bond_select_queue Function Recei... |
| 73049 | Linux Kernel fs/partitions/efi.c is_gpt_valid Function EFI GUID Partition Tab... |
| 71656 | Linux Kernel net/bluetooth/bnep/sock.c bnep_sock_ioctl() System Information L... |
| 71604 | Linux Kernel Generic Receive Offload (GRO) Functionality Malformed VLAN Frame... |
| 71271 | Linux Kernel /proc/<pid>/ Weak Permissions Issue Linux Kernel contains a flaw related to the proc filesystem implementation failing to properly restrict access to the '/proc/<pid>/' directory during execution of a SUID program. This may allow a local attacker to cause a denial of service or obtain sensitive information. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2012-09-27 | IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
| 2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
| 2012-08-16 | IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662 |
| 2012-05-03 | IAVM : 2012-A-0073 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0032171 |
| 2012-04-12 | IAVM : 2012-A-0056 - Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0031979 |
| 2012-02-02 | IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0031252 |
| 2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0006_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2012-0008_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15301.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0333.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2013-09-13 | Name : The remote host has a predictable TCP sequence number generator. File : juniper_nsm_psn_2012_08_688.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-16.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0928.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1189.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1212.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1241.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1479.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2021.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2024.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2025.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2029.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2038.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1156.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO |
| 2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1106.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1163.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1321.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1418.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1419.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1813.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0116.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0358.nasl - Type : ACT_GATHER_INFO |
| 2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO |
| 2012-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
| 2012-08-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO |
| 2012-08-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120814_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110712_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110823_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110831_ecryptfs_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110906_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111129_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111206_Scientific_Linux_6_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120110_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8161.nasl - Type : ACT_GATHER_INFO |
| 2012-06-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-8162.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
| 2012-04-28 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2012-0008.nasl - Type : ACT_GATHER_INFO |
| 2012-04-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120418.nasl - Type : ACT_GATHER_INFO |
| 2012-03-30 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0006.nasl - Type : ACT_GATHER_INFO |
| 2012-03-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2443.nasl - Type : ACT_GATHER_INFO |
| 2012-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1394-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO |
| 2012-02-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
| 2012-01-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2389.nasl - Type : ACT_GATHER_INFO |
| 2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
| 2012-01-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110823.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110824.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110930.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_perf-111111.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO |
| 2011-12-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1294-1.nasl - Type : ACT_GATHER_INFO |
| 2011-12-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1530.nasl - Type : ACT_GATHER_INFO |
| 2011-12-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1286-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1479.nasl - Type : ACT_GATHER_INFO |
| 2011-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1285-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1269-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1278-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1279-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1280-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1281-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1268-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1271-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1272-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1274-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1275-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1260-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO |
| 2011-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO |
| 2011-10-31 | Name : The remote Fedora host is missing a security update. File : fedora_2011-14747.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1242-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1243-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1244-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1246-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO |
| 2011-10-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1236-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
| 2011-10-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1228-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12874.nasl - Type : ACT_GATHER_INFO |
| 2011-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO |
| 2011-10-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1220-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO |
| 2011-09-26 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12823.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1065.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO |
| 2011-09-23 | Name : It may be possible to predict TCP/IP Initial Sequence Numbers for the remote ... File : linux_isn.nasl - Type : ACT_GATHER_INFO |
| 2011-09-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1211-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1201-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1205-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO |
| 2011-09-07 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10671.nasl - Type : ACT_GATHER_INFO |
| 2011-09-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO |
| 2011-09-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10718.nasl - Type : ACT_GATHER_INFO |
| 2011-09-06 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10733.nasl - Type : ACT_GATHER_INFO |
| 2011-09-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO |
| 2011-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1189.nasl - Type : ACT_GATHER_INFO |
| 2011-08-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO |
| 2011-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1189-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-11019.nasl - Type : ACT_GATHER_INFO |
| 2011-08-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_ecryptfs-utils-110804.nasl - Type : ACT_GATHER_INFO |
| 2011-08-10 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1188-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO |
| 2011-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1065.nasl - Type : ACT_GATHER_INFO |
| 2011-07-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-13 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9130.nasl - Type : ACT_GATHER_INFO |
| 2011-07-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0928.nasl - Type : ACT_GATHER_INFO |
| 2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-30 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO |
| 2011-06-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO |
| 2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO |
| 2011-06-07 | Name : The remote Fedora host is missing a security update. File : fedora_2011-7823.nasl - Type : ACT_GATHER_INFO |
| 2011-06-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
| 2011-06-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
| 2011-05-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO |
| 2011-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO |
| 2011-05-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6541.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
| 2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2011-04-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:59:13 |
|
| 2014-02-15 17:22:01 |
|
| 2013-06-08 17:22:58 |
|
| 2013-03-01 17:20:45 |
|
