oval:org.mitre.oval:def:7921

Definition Id: oval:org.mitre.oval:def:7921

Oval ID:	oval:org.mitre.oval:def:7921
Title:	DSA-1653 linux-2.6 -- denial of service/privilege escalation
Description:	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Joe Jin reported a local denial of service vulnerability that allows system users to trigger an oops due to an improperly initialised data structure. Jan Kratochvil reported a local denial of service vulnerability in the ptrace interface for the s390 architecture. Local users can trigger an invalid pointer dereference, leading to a system panic. Eugene Teo reported an integer overflow in the DCCP subsystem that may allow remote attackers to cause a denial of service in the form of a kernel panic. Eugene Teo reported a lack of capability checks in the kernel driver for Granch SBNI12 leased line adapters (sbni), allowing local users to perform privileged operations. The S_ISUID/S_ISGID bits were not being cleared during an inode splice, which, under certain conditions, can be exploited by local users to obtain the privileges of a group for which they are not a member. Mark Fasheh reported this issue. David Watson reported an issue in the open()/creat() system calls which, under certain conditions, can be exploited by local users to obtain the privileges of a group for which they are not a member. A coding error in the splice subsystem allows local users to attempt to unlock a page structure that has not been locked, resulting in a system crash.
Family:	unix	Class:	patch
Reference(s):	DSA-1653 CVE-2007-6716 CVE-2008-1514 CVE-2008-3276 CVE-2008-3525 CVE-2008-3833 CVE-2008-4210 CVE-2008-4302	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	linux-2.6
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section linux-support-2.6.18-6 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-patch-debian-2.6.18 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-source-2.6.18 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-manual-2.6.18 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-tree-2.6.18 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-doc-2.6.18 is earlier than 2.6.18.dfsg.1-22etch3 OR Architecture dependent section Installed architecture is s390 AND Packages section linux-headers-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-s390-tape is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-all-s390 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-22etch3 OR Architecture dependent section Installed architecture is amd64 AND Packages section linux-image-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND fai-kernels is earlier than 1.17+etch.22etch3 AND linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-22etch3 AND xen-linux-system-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND xen-linux-system-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-xen is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-modules-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-all-amd64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-xen-vserver is earlier than 2.6.18.dfsg.1-22etch3 AND linux-modules-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-22etch3 OR Supported platform section Installed architecture is hppa AND Packages section linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-all-hppa is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-22etch3 AND linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-22etch3 AND linux-image-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-22etch3

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7921

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0350s

Facebook rss twitter linkedin mail