Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2009:289 | First vendor Publication | 2009-10-27 |
Vendor | Mandriva | Last vendor Modification | 2009-10-27 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). (CVE-2009-1895) Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. (CVE-2009-2406) Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. (CVE-2009-2407) The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a negative dentry and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount. (CVE-2009-2908) The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified random addresses. (CVE-2009-3290) Additionaly, it includes the fixes from the stable kernel version 2.6.27.37. It also fixes also fixes IBM x3650 M2 hanging when using both network interfaces and Wake on Lan problems on r8169. For details, check the package changelog. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:289 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-399 | Resource Management Errors |
25 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10072 | |||
Oval ID: | oval:org.mitre.oval:def:10072 | ||
Title: | Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. | ||
Description: | Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2406 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10216 | |||
Oval ID: | oval:org.mitre.oval:def:10216 | ||
Title: | The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount. | ||
Description: | The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2908 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11255 | |||
Oval ID: | oval:org.mitre.oval:def:11255 | ||
Title: | Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. | ||
Description: | Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2407 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11328 | |||
Oval ID: | oval:org.mitre.oval:def:11328 | ||
Title: | The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses." | ||
Description: | The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3290 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11768 | |||
Oval ID: | oval:org.mitre.oval:def:11768 | ||
Title: | Service Console update for COS kernel | ||
Description: | The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1895 | Version: | 3 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13413 | |||
Oval ID: | oval:org.mitre.oval:def:13413 | ||
Title: | DSA-1907-1 kvm -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-5714 Chris Webb discovered an off-by-one bug limiting KVM's VNC passwords to 7 characters. This flaw might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended. CVE-2009-3290 It was discovered that the kvm_emulate_hypercall function in KVM does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service and read or write guest kernel memory. For the stable distribution, these problems have been fixed in version 72+dfsg-5~lenny3. The oldstable distribution does not contain kvm. For the testing distribution these problems will be fixed soon. For the unstable distribution these problems have been fixed in version 85+dfsg-4.1 We recommend that you upgrade your kvm packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1907-1 CVE-2008-5714 CVE-2009-3290 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13582 | |||
Oval ID: | oval:org.mitre.oval:def:13582 | ||
Title: | DSA-1844-1 linux-2.6.24 -- denial of service/privilege escalation | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1385 Neil Horman discovered a missing fix from the e1000 network driver. A remote user may cause a denial of service by way of a kernel panic triggered by specially crafted frame sizes. CVE-2009-1389 Michael Tokarev discovered an issue in the r8169 network driver. Remote users on the same LAN may cause a denial of service by way of a kernel panic triggered by receiving a large size frame. CVE-2009-1630 Frank Filz discovered that local users may be able to execute files without execute permission when accessed via an nfs4 mount. CVE-2009-1633 Jeff Layton and Suresh Jayaraman fixed several buffer overflows in the CIFS filesystem which allow remote servers to cause memory corruption. CVE-2009-1895 Julien Tinnes and Tavis Ormandy reported and issue in the Linux vulnerability code. Local users can take advantage of a setuid binary that can either be made to dereference a NULL pointer or drop privileges and return control to the user. This allows a user to bypass mmap_min_addr restrictions which can be exploited to execute arbitrary code. CVE-2009-1914 Mikulas Patocka discovered an issue in sparc64 kernels that allows local users to cause a denial of service by reading the /proc/iomem file. CVE-2009-1961 Miklos Szeredi reported an issue in the ocfs2 filesystem. Local users can create a denial of service using a particular sequence of splice system calls. CVE-2009-2406 CVE-2009-2407 Ramon de Carvalho Valle discovered two issues with the eCryptfs layered filesystem using the fsfuzzer utility. A local user with permissions to perform an eCryptfs mount may modify the contents of a eCryptfs file, overflowing the stack and potentially gaining elevated privileges. For the stable distribution, these problems have been fixed in version 2.6.24-6~etchnhalf.8etch2. We recommend that you upgrade your linux-2.6.24 packages. Note: Debian "etch" includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian "etch" concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog" fashion. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1844-1 CVE-2009-1385 CVE-2009-1389 CVE-2009-1630 CVE-2009-1633 CVE-2009-1895 CVE-2009-1914 CVE-2009-1961 CVE-2009-2406 CVE-2009-2407 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6.24 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22837 | |||
Oval ID: | oval:org.mitre.oval:def:22837 | ||
Title: | ELSA-2009:1465: kvm security and bug fix update (Important) | ||
Description: | The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses." | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1465-01 CVE-2009-3290 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29154 | |||
Oval ID: | oval:org.mitre.oval:def:29154 | ||
Title: | RHSA-2009:1193 -- kernel security and bug fix update (Important) | ||
Description: | Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1193 CESA-2009:1193-CentOS 5 CVE-2007-5966 CVE-2009-1385 CVE-2009-1388 CVE-2009-1389 CVE-2009-1895 CVE-2009-2406 CVE-2009-2407 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6992 | |||
Oval ID: | oval:org.mitre.oval:def:6992 | ||
Title: | Linux Kernel eCryptfs Lower Dentry Null Pointer Dereference Local Denial of Service Vulnerability | ||
Description: | The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2908 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7760 | |||
Oval ID: | oval:org.mitre.oval:def:7760 | ||
Title: | DSA-1907 kvm -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in kvm, a full virtualization system. The Common Vulnerabilities and Exposures project identifies the following problems: Chris Webb discovered an off-by-one bug limiting KVM's VNC passwords to 7 characters. This flaw might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended. It was discovered that the kvm_emulate_hypercall function in KVM does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory. The oldstable distribution (etch) does not contain kvm. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1907 CVE-2008-5714 CVE-2009-3290 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7826 | |||
Oval ID: | oval:org.mitre.oval:def:7826 | ||
Title: | VMware kernel personality subsystem vulnerability | ||
Description: | The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1895 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8057 | |||
Oval ID: | oval:org.mitre.oval:def:8057 | ||
Title: | VMware kernel parse_tag_3_packet function vulnerability | ||
Description: | Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2407 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8246 | |||
Oval ID: | oval:org.mitre.oval:def:8246 | ||
Title: | VMware kernel parse_tag_11_packet function vulnerability | ||
Description: | Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2406 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1550 centos3 i386 File : nvt/gb_CESA-2009_1550_kernel_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1548 centos5 i386 File : nvt/gb_CESA-2009_1548_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kvm-83-105.el5_ CESA-2009:1465 centos5 i386 File : nvt/gb_CESA-2009_1465_kvm-83-105.el5__centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1438 centos4 i386 File : nvt/gb_CESA-2009_1438_kernel_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1193 centos5 i386 File : nvt/gb_CESA-2009_1193_kernel_centos5_i386.nasl |
2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1500 File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-0919 File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl |
2010-03-02 | Name : Fedora Update for kernel FEDORA-2010-1804 File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl |
2009-12-30 | Name : Fedora Core 11 FEDORA-2009-13694 (kernel) File : nvt/fcore_2009_13694.nasl |
2009-12-14 | Name : Fedora Core 10 FEDORA-2009-13098 (kernel) File : nvt/fcore_2009_13098.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-12786 (kernel) File : nvt/fcore_2009_12786.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-10639 (kernel) File : nvt/fcore_2009_10639.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1540 File : nvt/RHSA_2009_1540.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1548 File : nvt/RHSA_2009_1548.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1550 File : nvt/RHSA_2009_1550.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1550 (kernel) File : nvt/ovcesa2009_1550.nasl |
2009-11-11 | Name : Mandriva Security Advisory MDVSA-2009:289 (kernel) File : nvt/mdksa_2009_289.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1465 (kvm) File : nvt/ovcesa2009_1465.nasl |
2009-11-11 | Name : CentOS Security Advisory CESA-2009:1548 (kernel) File : nvt/ovcesa2009_1548.nasl |
2009-11-11 | Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24) File : nvt/deb_1928_1.nasl |
2009-11-11 | Name : Fedora Core 10 FEDORA-2009-11038 (kernel) File : nvt/fcore_2009_11038.nasl |
2009-11-11 | Name : Fedora Core 11 FEDORA-2009-11032 (kernel) File : nvt/fcore_2009_11032.nasl |
2009-10-27 | Name : Debian Security Advisory DSA 1915-1 (linux-2.6) File : nvt/deb_1915_1.nasl |
2009-10-19 | Name : Debian Security Advisory DSA 1907-1 (kvm) File : nvt/deb_1907_1.nasl |
2009-10-19 | Name : Fedora Core 10 FEDORA-2009-10525 (kernel) File : nvt/fcore_2009_10525.nasl |
2009-10-11 | Name : SLES11: Security update for Linux kernel File : nvt/sles11_ext4dev-kmp-def2.nasl |
2009-10-06 | Name : Fedora Core 10 FEDORA-2009-10165 (kernel) File : nvt/fcore_2009_10165.nasl |
2009-10-06 | Name : RedHat Security Advisory RHSA-2009:1465 File : nvt/RHSA_2009_1465.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1438 (kernel) File : nvt/ovcesa2009_1438.nasl |
2009-09-21 | Name : SuSE Security Summary SUSE-SR:2009:015 File : nvt/suse_sr_2009_015.nasl |
2009-09-15 | Name : RedHat Security Advisory RHSA-2009:1438 File : nvt/RHSA_2009_1438.nasl |
2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1239 File : nvt/RHSA_2009_1239.nasl |
2009-09-02 | Name : Fedora Core 11 FEDORA-2009-9044 (kernel) File : nvt/fcore_2009_9044.nasl |
2009-09-02 | Name : Fedora Core 11 FEDORA-2009-8684 (kernel) File : nvt/fcore_2009_8684.nasl |
2009-09-02 | Name : Fedora Core 11 FEDORA-2009-8649 (kernel) File : nvt/fcore_2009_8649.nasl |
2009-09-02 | Name : Fedora Core 10 FEDORA-2009-8647 (kernel) File : nvt/fcore_2009_8647.nasl |
2009-09-02 | Name : SuSE Security Advisory SUSE-SA:2009:045 (kernel) File : nvt/suse_sa_2009_045.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1193 (kernel) File : nvt/ovcesa2009_1193.nasl |
2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8264 (kernel) File : nvt/fcore_2009_8264.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8144 (kernel) File : nvt/fcore_2009_8144.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1845-1 (linux-2.6) File : nvt/deb_1845_1.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1844-1 (linux-2.6.24) File : nvt/deb_1844_1.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1193 File : nvt/RHSA_2009_1193.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58880 | Linux Kernel eCryptfs fs/ecryptfs/inode.c d_delete Function NULL Dereference ... |
58214 | Linux Kernel arch/x86/kvm/x86.c kvm_emulate_hypercall() Function Arbitrary Gu... |
56691 | Linux Kernel eCryptfs fs/ecryptfs/keystore.c parse_tag_3_packet Function Encr... |
56690 | Linux Kernel eCryptfs fs/ecryptfs/keystore.c parse_tag_11_packet Function Lit... |
55807 | Linux Kernel PER_CLEAR_ON_SETID Mask Local Security Restriction Bypass |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0017.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1193.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1438.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1465.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2013-03-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0079.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1465.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090808_kernel_for_SL_5_x.nasl - Type : ACT_GATHER_INFO |
2010-06-28 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0010.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
2010-03-05 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1928.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1915.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1907.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1845.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1844.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1438.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1465.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11032.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-289.nasl - Type : ACT_GATHER_INFO |
2009-10-28 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10639.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-852-1.nasl - Type : ACT_GATHER_INFO |
2009-10-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10525.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-6440.nasl - Type : ACT_GATHER_INFO |
2009-10-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10165.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-090816.nasl - Type : ACT_GATHER_INFO |
2009-09-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1438.nasl - Type : ACT_GATHER_INFO |
2009-08-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-090814.nasl - Type : ACT_GATHER_INFO |
2009-08-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-090816.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8264.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Fedora host is missing a security update. File : fedora_2009-8144.nasl - Type : ACT_GATHER_INFO |
2009-07-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-807-1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:40:55 |
|