Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2010:198 First vendor Publication 2010-10-07
Vendor Mandriva Last vendor Modification 2010-10-07
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel:

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount symlinks, which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. (CVE-2010-1088)

The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. (CVE-2009-3228)

The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel node set. (CVE-2010-0415)

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. (CVE-2009-3620)

The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. (CVE-2010-0622)

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function. (CVE-2009-2287)

The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. (CVE-2009-3722)

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal. (CVE-2009-4308)

The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read in the readb function. (CVE-2009-2846)

Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions. (CVE-2010-2521)

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643. (CVE-2008-7256)

The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors. (CVE-2010-1162)

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. (CVE-2010-1643)

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. (CVE-2010-1173)

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference. (CVE-2010-1187)

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. (CVE-2010-1173)

fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions. (CVE-2010-2248)

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. (CVE-2010-2492)

The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. (CVE-2010-2226)

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. (CVE-2010-2798)

The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. (CVE-2010-2240)

The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. (CVE-2010-2803)

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. (CVE-2010-2959)

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device. (CVE-2010-3080)

A vulnerability in Linux kernel caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the compat_alloc_user_space method with an arbitrary length input. (CVE-2010-3081)

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression. (CVE-2010-3301)

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

CWE : Common Weakness Enumeration

% Id Name
21 % CWE-476 NULL Pointer Dereference
16 % CWE-264 Permissions, Privileges, and Access Controls
11 % CWE-200 Information Exposure
11 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11 % CWE-20 Improper Input Validation
5 % CWE-415 Double Free
5 % CWE-399 Resource Management Errors
5 % CWE-269 Improper Privilege Management
5 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
5 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
5 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10093
 
Oval ID: oval:org.mitre.oval:def:10093
Title: fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.
Description: fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1088
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11103
 
Oval ID: oval:org.mitre.oval:def:11103
Title: The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.
Description: The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.
Family: unix Class: vulnerability
Reference(s): CVE-2009-4308
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11416
 
Oval ID: oval:org.mitre.oval:def:11416
Title: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Description: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1173
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11894
 
Oval ID: oval:org.mitre.oval:def:11894
Title: DSA-2110-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2010-2492 Andre Osterhues reported an issue in the eCryptfs subsystem. A buffer overflow condition may allow local users to cause a denial of service or gain elevated privileges. CVE-2010-2954 Tavis Ormandy reported an issue in the irda subsystem which may allow local users to cause a denial of service via a NULL pointer dereference. CVE-2010-3078 Dan Rosenberg discovered an issue in the XFS file system that allows local users to read potentially sensitive kernel memory. CVE-2010-3080 Tavis Ormandy reported an issue in the ALSA sequencer OSS emulation layer. Local users with sufficient privileges to open /dev/sequencer can cause a denial of service via a NULL pointer dereference. CVE-2010-3081 Ben Hawkes discovered an issue in the 32-bit compatibility code for 64-bit systems. Local users can gain elevated privileges due to insufficient checks in compat_alloc_user_space allocations. For the stable distribution, this problem has been fixed in version 2.6.26-25lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+25lenny1
Family: unix Class: patch
Reference(s): DSA-2110-1
CVE-2010-2492
CVE-2010-2954
CVE-2010-3078
CVE-2010-3080
CVE-2010-3081
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12803
 
Oval ID: oval:org.mitre.oval:def:12803
Title: USN-974-2 -- linux regression
Description: USN-974-1 fixed vulnerabilities in the Linux kernel. The fixes for CVE-2010-2240 caused failures for Xen hosts. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network subsystem when setting up frame content and filtering certain messages. An attacker could send specially crafted CAN traffic to crash the system or gain root privileges
Family: unix Class: patch
Reference(s): USN-974-2
CVE-2010-2240
CVE-2010-2803
CVE-2010-2959
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13127
 
Oval ID: oval:org.mitre.oval:def:13127
Title: DSA-2012-1 linux-2.6 -- privilege escalation/denial of service
Description: CVE-2009-3725 Philipp Reisner reported an issue in the connector subsystem which allows unprivileged users to send netlink packets. This allows local users to manipulate settings for uvesafb devices which are normally reserved for privileged users. CVE-2010-0622 Jermome Marchand reported an issue in the futex subsystem that allows a local user to force an invalid futex state which results in a denial of service. This update also includes fixes for regressions introduced by previous updates. See the referenced Debian bug pages for details. For the stable distribution, this problem has been fixed in version 2.6.26-21lenny4. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+21lenny4
Family: unix Class: patch
Reference(s): DSA-2012-1
CVE-2009-3725
CVE-2010-0622
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13247
 
Oval ID: oval:org.mitre.oval:def:13247
Title: ESX third party update for Service Console kernel
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2240
Version: 4
Platform(s): VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13341
 
Oval ID: oval:org.mitre.oval:def:13341
Title: DSA-1846-1 kvm -- denial of service
Description: Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service by providing an invalid cr3 value to the KVM_SET_SREGS call. For the stable distribution, these problems have been fixed in version 72+dfsg-5~lenny2. For the unstable distribution, these problems will be fixed soon. We recommend that you upgrade your kvm packages, and rebuild any kernel modules you have built from a kvm-source package version.
Family: unix Class: patch
Reference(s): DSA-1846-1
CVE-2009-2287
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13397
 
Oval ID: oval:org.mitre.oval:def:13397
Title: DSA-1996-1 linux-2.6 -- privilege escalation/denial of service/sensitive memory leak
Description: CVE-2009-3939 Joseph Malicki reported that the dbg_lvl sysfs attribute for the megaraid_sas device driver had world-writable permissions, permitting local users to modify logging settings. CVE-2009-4027 Lennert Buytenhek reported a race in the mac80211 subsystem that may allow remote users to cause a denial of service on a system connected to the same wireless network. CVE-2009-4536 & CVE-2009-4538 Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to bypass packet filters using specially crafted ethernet frames. CVE-2010-0003 Andi Kleen reported a defect which allows local users to gain read access to memory reachable by the kernel when the print-fatal-signals option is enabled. This option is disabled by default. CVE-2010-0007 Florian Westphal reported a lack of capability checking in the ebtables netfilter subsystem. If the ebtables module is loaded, local users can add and modify ebtables rules. CVE-2010-0291 Al Viro reported several issues with the mmap/mremap system calls that allow local users to cause a denial of service or obtain elevated privileges. CVE-2010-0298 & CVE-2010-0306 Gleb Natapov discovered issues in the KVM subsystem where missing permission checks permit a user in a guest system to denial of service a guest or gain escalated privileges with the guest. CVE-2010-0307 Mathias Krause reported an issue with the load_elf_binary code on the amd64 flavor kernels that allows local users to cause a denial of service. CVE-2010-0309 Marcelo Tosatti fixed an issue in the PIT emulation code in the KVM subsystem that allows privileged users in a guest domain to cause a denial of service of the host system. CVE-2010-0410 Sebastian Krahmer discovered an issue in the netlink connector subsystem that permits local users to allocate large amounts of system memory resulting in a denial of service. CVE-2010-0415 Ramon de Carvalho Valle discovered an issue in the sys_move_pages interface, limited to amd64, ia64 and powerpc64 flavors in Debian. Local users can exploit this issue to cause a denial of service or gain access to sensitive kernel memory. For the stable distribution, this problem has been fixed in version 2.6.26-21lenny3. For the oldstable distribution, these problems, where applicable, will be fixed in updates to linux-2.6 and linux-2.6.24. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+21lenny3
Family: unix Class: patch
Reference(s): DSA-1996-1
CVE-2009-3939
CVE-2009-4027
CVE-2009-4536
CVE-2009-4538
CVE-2010-0003
CVE-2010-0007
CVE-2010-0291
CVE-2010-0298
CVE-2010-0306
CVE-2010-0307
CVE-2010-0309
CVE-2010-0410
CVE-2010-0415
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17343
 
Oval ID: oval:org.mitre.oval:def:17343
Title: USN-518-1 -- linux-source-2.6.15/17/20 vulnerabilities
Description: Evan Teran discovered that the Linux kernel ptrace routines did not correctly handle certain requests robustly.
Family: unix Class: patch
Reference(s): USN-518-1
CVE-2007-3731
CVE-2007-3739
CVE-2007-3740
CVE-2007-4573
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 6.10
Ubuntu 7.04
Product(s): linux-source-2.6.15
linux-source-2.6.17
linux-source-2.6.20
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19910
 
Oval ID: oval:org.mitre.oval:def:19910
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2240
Version: 5
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20153
 
Oval ID: oval:org.mitre.oval:def:20153
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2492
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20184
 
Oval ID: oval:org.mitre.oval:def:20184
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2798
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20241
 
Oval ID: oval:org.mitre.oval:def:20241
Title: DSA-2003-1 linux-2.6 - several vulnerabilities
Description: NOTE: This kernel update marks the final planned kernel security update for the 2.6.18 kernel in the Debian release 'etch'. Although security support for 'etch' officially ended on Feburary 15th, 2010, this update was already in preparation before that date. A final update that includes fixes for these issues in the 2.6.24 kernel is also in preparation and will be released shortly.
Family: unix Class: patch
Reference(s): DSA-2003-1
CVE-2009-3080
CVE-2009-3726
CVE-2009-4005
CVE-2009-4020
CVE-2009-4021
CVE-2009-4536
CVE-2010-0007
CVE-2010-0410
CVE-2010-0415
CVE-2010-0622
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20261
 
Oval ID: oval:org.mitre.oval:def:20261
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.
Family: unix Class: vulnerability
Reference(s): CVE-2009-4308
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20266
 
Oval ID: oval:org.mitre.oval:def:20266
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0415
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20277
 
Oval ID: oval:org.mitre.oval:def:20277
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1187
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20401
 
Oval ID: oval:org.mitre.oval:def:20401
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2521
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20417
 
Oval ID: oval:org.mitre.oval:def:20417
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1088
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20479
 
Oval ID: oval:org.mitre.oval:def:20479
Title: VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2240
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20508
 
Oval ID: oval:org.mitre.oval:def:20508
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2226
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20529
 
Oval ID: oval:org.mitre.oval:def:20529
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3081
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20536
 
Oval ID: oval:org.mitre.oval:def:20536
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1173
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20551
 
Oval ID: oval:org.mitre.oval:def:20551
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0622
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20563
 
Oval ID: oval:org.mitre.oval:def:20563
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2248
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21705
 
Oval ID: oval:org.mitre.oval:def:21705
Title: ELSA-2007:0936: kernel security update (Important)
Description: The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
Family: unix Class: patch
Reference(s): ELSA-2007:0936-01
CVE-2007-4573
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22076
 
Oval ID: oval:org.mitre.oval:def:22076
Title: RHSA-2010:0661: kernel security update (Important)
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: patch
Reference(s): RHSA-2010:0661-01
CESA-2010:0661
CVE-2010-2240
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22300
 
Oval ID: oval:org.mitre.oval:def:22300
Title: RHSA-2010:0704: kernel security update (Important)
Description: The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
Family: unix Class: patch
Reference(s): RHSA-2010:0704-01
CESA-2010:0704
CVE-2010-3081
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23010
 
Oval ID: oval:org.mitre.oval:def:23010
Title: ELSA-2010:0661: kernel security update (Important)
Description: The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
Family: unix Class: patch
Reference(s): ELSA-2010:0661-01
CVE-2010-2240
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23170
 
Oval ID: oval:org.mitre.oval:def:23170
Title: ELSA-2010:0704: kernel security update (Important)
Description: The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
Family: unix Class: patch
Reference(s): ELSA-2010:0704-01
CVE-2010-3081
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27891
 
Oval ID: oval:org.mitre.oval:def:27891
Title: DEPRECATED: ELSA-2010-0661 -- kernel security update (important)
Description: [2.6.18-194.11.3.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.3.el5] - [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} [2.6.18-194.11.2.el5] - [mm] pass correct mm when growing stack (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240}
Family: unix Class: patch
Reference(s): ELSA-2010-0661
CVE-2010-2240
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28053
 
Oval ID: oval:org.mitre.oval:def:28053
Title: DEPRECATED: ELSA-2010-0704 -- kernel security update (important)
Description: [2.6.18-194.11.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.4.el5] - [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081}
Family: unix Class: patch
Reference(s): ELSA-2010-0704
CVE-2010-3081
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6757
 
Oval ID: oval:org.mitre.oval:def:6757
Title: Linux Kernel 2.4 and 2.6 Multiple Local Information Disclosure Vulnerabilities
Description: The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3228
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6763
 
Oval ID: oval:org.mitre.oval:def:6763
Title: Linux Kernel r128 Driver CCE Initialization NULL Pointer Dereference Denial of Service Vulnerability
Description: The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3620
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6841
 
Oval ID: oval:org.mitre.oval:def:6841
Title: DSA-2003 linux-2.6 -- privilege escalation/denial of service
Description: NOTE: This kernel update marks the final planned kernel security update for the 2.6.18 kernel in the Debian release "etch". Although security support for "etch" officially ended on Feburary 15th, 2010, this update was already in preparation before that date. A final update that includes fixes for these issues in the 2.6.24 kernel is also in preparation and will be released shortly. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Dave Jones reported an issue in the gdth SCSI driver. A missing check for negative offsets in an ioctl call could be exploited by local users to create a denial of service or potentially gain elevated privileges. Trond Myklebust reported an issue where a malicious NFS server could cause a denial of service condition on its clients by returning incorrect attributes during an open call. Roel Kluin discovered an issue in the hfc_usb driver, an ISDN driver for Colognechip HFC-S USB chip. A potential read overflow exists which may allow remote users to cause a denial of service condition. Amerigo Wang discovered an issue in the HFS filesystem that would allow a denial of service by a local user who has sufficient privileges to mount a specially crafted filesystem. Anana V. Avati discovered an issue in the fuse subsystem. If the system is sufficiently low on memory, a local user can cause the kernel to dereference an invalid pointer resulting in a denial of service and potentially an escalation of privileges. Fabian Yamaguchi reported an issue in the e1000 driver for Intel gigabit network adapters which allow remote users to bypass packet filters using specially crafted ethernet frames. Florian Westphal reported a lack of capability checking in the ebtables netfilter subsystem. If the ebtables module is loaded, local users can add and modify ebtables rules. Sebastian Krahmer discovered an issue in the netlink connector subsystem that permits local users to allocate large amounts of system memory resulting in a denial of service. Ramon de Carvalho Valle discovered an issue in the sys_move_pages interface, limited to amd64, ia64 and powerpc64 flavors in Debian. Local users can exploit this issue to cause a denial of service or gain access to sensitive kernel memory. Jermome Marchand reported an issue in the futex subsystem that allows a local user to force an invalid futex state which results in a denial of service. This update also fixes a regression introduced by a previous security update that caused problems booting on certain s390 systems.
Family: unix Class: patch
Reference(s): DSA-2003
CVE-2009-3080
CVE-2009-3726
CVE-2009-4005
CVE-2009-4020
CVE-2009-4021
CVE-2009-4536
CVE-2010-0007
CVE-2010-0410
CVE-2010-0415
CVE-2010-0622
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7263
 
Oval ID: oval:org.mitre.oval:def:7263
Title: DSA-1846 kvm -- denial of service
Description: Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call.
Family: unix Class: patch
Reference(s): DSA-1846
CVE-2009-2287
Version: 3
Platform(s): Debian GNU/Linux 5.0
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7309
 
Oval ID: oval:org.mitre.oval:def:7309
Title: DSA-2012 linux-2.6 -- privilege escalation/denial of service
Description: Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Philipp Reisner reported an issue in the connector subsystem which allows unprivileged users to send netlink packets. This allows local users to manipulate settings for uvesafb devices which are normally reserved for privileged users. Jermome Marchand reported an issue in the futex subsystem that allows a local user to force an invalid futex state which results in a denial of service. This update also includes fixes for regressions introduced by previous updates. See the referenced Debian bug pages for details.
Family: unix Class: patch
Reference(s): DSA-2012
CVE-2009-3725
CVE-2010-0622
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7480
 
Oval ID: oval:org.mitre.oval:def:7480
Title: DSA-1996 linux-2.6 -- privilege escalation/denial of service/sensitive memory leak
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Joseph Malicki reported that the dbg_lvl sysfs attribute for the megaraid_sas device driver had world-writable permissions, permitting local users to modify logging settings. Lennert Buytenhek reported a race in the mac80211 subsystem that may allow remote users to cause a denial of service on a system connected to the same wireless network. Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to bypass packet filters using specially crafted ethernet frames. Andi Kleen reported a defect which allows local users to gain read access to memory reachable by the kernel when the print-fatal-signals option is enabled. This option is disabled by default. Florian Westphal reported a lack of capability checking in the ebtables netfilter subsystem. If the ebtables module is loaded, local users can add and modify ebtables rules. Al Viro reported several issues with the mmap/mremap system calls that allow local users to cause a denial of service or obtain elevated privileges. Gleb Natapov discovered issues in the KVM subsystem where missing permission checks permit a user in a guest system to denial of service a guest or gain escalated privileges with the guest. Mathias Krause reported an issue with the load_elf_binary code on the amd64 flavor kernels that allows local users to cause a denial of service. Marcelo Tosatti fixed an issue in the PIT emulation code in the KVM subsystem that allows privileged users in a guest domain to cause a denial of service of the host system. Sebastian Krahmer discovered an issue in the netlink connector subsystem that permits local users to allocate large amounts of system memory resulting in a denial of service. Ramon de Carvalho Valle discovered an issue in the sys_move_pages interface, limited to amd64, ia64 and powerpc64 flavors in Debian. Local users can exploit this issue to cause a denial of service or gain access to sensitive kernel memory.
Family: unix Class: patch
Reference(s): DSA-1996
CVE-2009-3939
CVE-2009-4027
CVE-2009-4536
CVE-2009-4538
CVE-2010-0003
CVE-2010-0007
CVE-2010-0291
CVE-2010-0298
CVE-2010-0306
CVE-2010-0307
CVE-2010-0309
CVE-2010-0410
CVE-2010-0415
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7532
 
Oval ID: oval:org.mitre.oval:def:7532
Title: DSA-2005 linux-2.6.24 -- privilege escalation/denial of service/sensitive memory leak
Description: NOTE: This kernel update marks the final planned kernel security update for the 2.6.24 kernel in the Debian release "etch". Although security support for "etch" officially ended on Feburary 15th, 2010, this update was already in preparation before that date. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Steve Beattie and Kees Cook reported an information leak in the maps and smaps files available under /proc. Local users may be able to read this data for setuid processes while the ELF binary is being loaded. Eric Paris provided several fixes to increase the protection provided by the mmap_min_addr tunable against NULL pointer dereference vulnerabilities. Dave Jones reported an issue in the gdth SCSI driver. A missing check for negative offsets in an ioctl call could be exploited by local users to create a denial of service or potentially gain elevated privileges. Trond Myklebust reported an issue where a malicious NFS server could cause a denial of service condition on its clients by returning incorrect attributes during an open call. Joe Malicki discovered an issue in the megaraid_sas driver. Insufficient permissions on the sysfs dbg_lvl interface allow local users to modify the debug logging behavior. Roel Kluin discovered an issue in the hfc_usb driver, an ISDN driver for Colognechip HFC-S USB chip. A potential read overflow exists which may allow remote users to cause a denial of service condition. Amerigo Wang discovered an issue in the HFS filesystem that would allow a denial of service by a local user who has sufficient privileges to mount a specially crafted filesystem. Anana V. Avati discovered an issue in the fuse subsystem. If the system is sufficiently low on memory, a local user can cause the kernel to dereference an invalid pointer resulting in a denial of service and potentially an escalation of privileges. Jay Fenlason discovered an issue in the firewire stack that allows local users to cause a denial of service by making a specially crafted ioctl call. Ted Ts’o discovered an issue in the ext4 filesystem that allows local users to cause a denial of service. For this to be exploitable, the local user must have sufficient privileges to mount a filesystem. Fabian Yamaguchi reported issues in the e1000 and e1000e drivers for Intel gigabit network adapters which allow remote users to bypass packet filters using specially crafted Ethernet frames. Andi Kleen reported a defect which allows local users to gain read access to memory reachable by the kernel when the print-fatal-signals option is enabled. This option is disabled by default. Florian Westphal reported a lack of capability checking in the ebtables netfilter subsystem. If the ebtables module is loaded, local users can add and modify ebtables rules. Al Viro reported several issues with the mmap/mremap system calls that allow local users to cause a denial of service or obtain elevated privileges. Sebastian Krahmer discovered an issue in the netlink connector subsystem that permits local users to allocate large amounts of system memory resulting in a denial of service. Ramon de Carvalho Valle discovered an issue in the sys_move_pages interface, limited to amd64, ia64 and powerpc64 flavors in Debian. Local users can exploit this issue to cause a denial of service or gain access to sensitive kernel memory. Jermome Marchand reported an issue in the futex subsystem that allows a local user to force an invalid futex state which results in a denial of service .
Family: unix Class: patch
Reference(s): DSA-2005
CVE-2009-2691
CVE-2009-2695
CVE-2009-3080
CVE-2009-3726
CVE-2009-3889
CVE-2009-4005
CVE-2009-4020
CVE-2009-4021
CVE-2009-4138
CVE-2009-4308
CVE-2009-4536
CVE-2009-4538
CVE-2010-0003
CVE-2010-0007
CVE-2010-0291
CVE-2010-0410
CVE-2010-0415
CVE-2010-0622
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9399
 
Oval ID: oval:org.mitre.oval:def:9399
Title: The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
Description: The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0415
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9409
 
Oval ID: oval:org.mitre.oval:def:9409
Title: The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
Description: The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3228
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9655
 
Oval ID: oval:org.mitre.oval:def:9655
Title: The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.
Description: The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0622
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9735
 
Oval ID: oval:org.mitre.oval:def:9735
Title: The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
Description: The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
Family: unix Class: vulnerability
Reference(s): CVE-2007-4573
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9832
 
Oval ID: oval:org.mitre.oval:def:9832
Title: The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.
Description: The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1187
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9891
 
Oval ID: oval:org.mitre.oval:def:9891
Title: The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
Description: The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3620
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9892
 
Oval ID: oval:org.mitre.oval:def:9892
Title: The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application.
Description: The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3722
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 3
Application 3
Application 4
Application 3
Application 3
Application 2
Application 3
Application 1
Application 1
Application 2
Os 10
Os 2
Os 2
Os 1341
Os 3
Os 1
Os 1
Os 1
Os 1
Os 3
Os 2
Os 1
Os 1
Os 5
Os 1
Os 2
Os 2
Os 2

ExploitDB Exploits

id Description
2010-08-27 Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit
2010-08-09 Linux Kernel <= 2.6.33.3 SCTP INIT Remote DoS

OpenVAS Exploits

Date Description
2012-06-05 Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-16 Name : VMSA-2011-0009.3 VMware hosted product updates, ESX patches and VI Client upd...
File : nvt/gb_VMSA-2011-0009.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console an...
File : nvt/gb_VMSA-2010-0016.nasl
2012-03-15 Name : VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates ...
File : nvt/gb_VMSA-2011-0007.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1522 centos4 i386
File : nvt/gb_CESA-2009_1522_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1548 centos5 i386
File : nvt/gb_CESA-2009_1548_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1670 centos5 i386
File : nvt/gb_CESA-2009_1670_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1671 centos4 i386
File : nvt/gb_CESA-2009_1671_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0147 centos5 i386
File : nvt/gb_CESA-2010_0147_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0504 centos5 i386
File : nvt/gb_CESA-2010_0504_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0610 centos5 i386
File : nvt/gb_CESA-2010_0610_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0704 centos5 i386
File : nvt/gb_CESA-2010_0704_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0723 centos5 i386
File : nvt/gb_CESA-2010_0723_kernel_centos5_i386.nasl
2011-06-24 Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-05-10 Name : Ubuntu Update for linux-ti-omap4 USN-1119-1
File : nvt/gb_ubuntu_USN_1119_1.nasl
2011-04-22 Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl
2011-03-15 Name : Fedora Update for kernel FEDORA-2011-2134
File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl
2011-03-07 Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1
File : nvt/gb_ubuntu_USN_1083_1.nasl
2011-01-14 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1041-1
File : nvt/gb_ubuntu_USN_1041_1.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2010:039
File : nvt/gb_suse_2010_039.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2010:047
File : nvt/gb_suse_2010_047.nasl
2011-01-04 Name : Mandriva Update for kernel MDVSA-2010:257 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_257.nasl
2010-12-28 Name : Fedora Update for kernel FEDORA-2010-18983
File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl
2010-12-23 Name : Fedora Update for kernel FEDORA-2010-18506
File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18432
File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl
2010-12-09 Name : Mandriva Update for kernel MDVSA-2010:247 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_247.nasl
2010-12-02 Name : Fedora Update for kernel FEDORA-2010-14832
File : nvt/gb_fedora_2010_14832_kernel_fc14.nasl
2010-10-22 Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1
File : nvt/gb_ubuntu_USN_1000_1.nasl
2010-10-19 Name : Mandriva Update for kernel MDVSA-2010:198 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_198.nasl
2010-10-10 Name : Debian Security Advisory DSA 2094-1 (linux-2.6)
File : nvt/deb_2094_1.nasl
2010-10-10 Name : Debian Security Advisory DSA 2110-1 (linux-2.6)
File : nvt/deb_2110_1.nasl
2010-10-01 Name : CentOS Update for kernel CESA-2010:0718 centos4 i386
File : nvt/gb_CESA-2010_0718_kernel_centos4_i386.nasl
2010-10-01 Name : RedHat Update for kernel RHSA-2010:0718-01
File : nvt/gb_RHSA-2010_0718-01_kernel.nasl
2010-10-01 Name : RedHat Update for kernel RHSA-2010:0723-01
File : nvt/gb_RHSA-2010_0723-01_kernel.nasl
2010-10-01 Name : SuSE Update for kernel SUSE-SA:2010:043
File : nvt/gb_suse_2010_043.nasl
2010-10-01 Name : SuSE Update for kernel SUSE-SA:2010:046
File : nvt/gb_suse_2010_046.nasl
2010-09-27 Name : RedHat Update for kernel RHSA-2010:0704-01
File : nvt/gb_RHSA-2010_0704-01_kernel.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:172 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_172.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:188 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_188.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14878
File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14890
File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl
2010-09-22 Name : Ubuntu Update for Linux kernel vulnerabilities USN-988-1
File : nvt/gb_ubuntu_USN_988_1.nasl
2010-09-10 Name : CentOS Update for kernel CESA-2010:0676 centos4 i386
File : nvt/gb_CESA-2010_0676_kernel_centos4_i386.nasl
2010-09-10 Name : RedHat Update for kernel RHSA-2010:0676-01
File : nvt/gb_RHSA-2010_0676-01_kernel.nasl
2010-09-10 Name : SuSE Update for kernel SUSE-SA:2010:036
File : nvt/gb_suse_2010_036.nasl
2010-09-07 Name : RedHat Update for kernel RHSA-2010:0661-01
File : nvt/gb_RHSA-2010_0661-01_kernel.nasl
2010-09-07 Name : Fedora Update for kernel FEDORA-2010-13903
File : nvt/gb_fedora_2010_13903_kernel_fc12.nasl
2010-08-30 Name : CentOS Update for kernel CESA-2010:0474 centos4 i386
File : nvt/gb_CESA-2010_0474_kernel_centos4_i386.nasl
2010-08-30 Name : CentOS Update for kernel CESA-2010:0606 centos4 i386
File : nvt/gb_CESA-2010_0606_kernel_centos4_i386.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13058
File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13110
File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl
2010-08-30 Name : Ubuntu Update for linux regression USN-974-2
File : nvt/gb_ubuntu_USN_974_2.nasl
2010-08-20 Name : Ubuntu Update for Linux kernel vulnerabilities USN-974-1
File : nvt/gb_ubuntu_USN_974_1.nasl
2010-08-13 Name : RedHat Update for kernel RHSA-2010:0610-01
File : nvt/gb_RHSA-2010_0610-01_kernel.nasl
2010-08-06 Name : RedHat Update for kernel RHSA-2010:0606-01
File : nvt/gb_RHSA-2010_0606-01_kernel.nasl
2010-08-06 Name : Ubuntu Update for Linux kernel vulnerabilities USN-966-1
File : nvt/gb_ubuntu_USN_966_1.nasl
2010-07-23 Name : SuSE Update for kernel SUSE-SA:2010:031
File : nvt/gb_suse_2010_031.nasl
2010-07-02 Name : RedHat Update for kernel RHSA-2010:0504-01
File : nvt/gb_RHSA-2010_0504-01_kernel.nasl
2010-06-18 Name : RedHat Update for kernel RHSA-2010:0474-01
File : nvt/gb_RHSA-2010_0474-01_kernel.nasl
2010-06-07 Name : Ubuntu Update for Linux kernel vulnerabilities USN-947-1
File : nvt/gb_ubuntu_USN_947_1.nasl
2010-06-07 Name : Ubuntu Update for linux regression USN-947-2
File : nvt/gb_ubuntu_USN_947_2.nasl
2010-06-03 Name : Debian Security Advisory DSA 2053-1 (linux-2.6)
File : nvt/deb_2053_1.nasl
2010-05-04 Name : Mandriva Update for kernel MDVSA-2010:088 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_088.nasl
2010-03-31 Name : Mandriva Update for kernel MDVSA-2010:066 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_066.nasl
2010-03-22 Name : RedHat Update for kernel RHSA-2010:0147-01
File : nvt/gb_RHSA-2010_0147-01_kernel.nasl
2010-03-22 Name : SuSE Update for kernel SUSE-SA:2010:016
File : nvt/gb_suse_2010_016.nasl
2010-03-22 Name : Ubuntu Update for Linux kernel vulnerabilities USN-914-1
File : nvt/gb_ubuntu_USN_914_1.nasl
2010-03-16 Name : Debian Security Advisory DSA 2012-1 (linux-2.6)
File : nvt/deb_2012_1.nasl
2010-03-12 Name : Mandriva Update for rsnapshot MDVA-2010:088 (rsnapshot)
File : nvt/gb_mandriva_MDVA_2010_088.nasl
2010-03-05 Name : SuSE Update for kernel SUSE-SA:2010:014
File : nvt/gb_suse_2010_014.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-0919
File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-1500
File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-1787
File : nvt/gb_fedora_2010_1787_kernel_fc12.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-1804
File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl
2010-02-25 Name : Debian Security Advisory DSA 2003-1 (linux-2.6)
File : nvt/deb_2003_1.nasl
2010-02-19 Name : Mandriva Update for drakxtools MDVA-2010:066 (drakxtools)
File : nvt/gb_mandriva_MDVA_2010_066.nasl
2010-02-19 Name : SuSE Update for kernel SUSE-SA:2010:012
File : nvt/gb_suse_2010_012.nasl
2010-02-08 Name : Ubuntu Update for Linux kernel vulnerabilities USN-894-1
File : nvt/gb_ubuntu_USN_894_1.nasl
2010-01-20 Name : SuSE Update for kernel SUSE-SA:2010:005
File : nvt/gb_suse_2010_005.nasl
2010-01-15 Name : SuSE Update for kernel SUSE-SA:2010:001
File : nvt/gb_suse_2010_001.nasl
2009-12-30 Name : RedHat Security Advisory RHSA-2009:1670
File : nvt/RHSA_2009_1670.nasl
2009-12-30 Name : RedHat Security Advisory RHSA-2009:1671
File : nvt/RHSA_2009_1671.nasl
2009-12-30 Name : Fedora Core 11 FEDORA-2009-13694 (kernel)
File : nvt/fcore_2009_13694.nasl
2009-12-30 Name : CentOS Security Advisory CESA-2009:1670 (kernel)
File : nvt/ovcesa2009_1670.nasl
2009-12-30 Name : CentOS Security Advisory CESA-2009:1671 (kernel)
File : nvt/ovcesa2009_1671.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-13098 (kernel)
File : nvt/fcore_2009_13098.nasl
2009-12-10 Name : Fedora Core 11 FEDORA-2009-12786 (kernel)
File : nvt/fcore_2009_12786.nasl
2009-12-10 Name : SuSE Security Advisory SUSE-SA:2009:060 (kernel)
File : nvt/suse_sa_2009_060.nasl
2009-12-03 Name : SLES11: Security update for Linux kernel
File : nvt/sles11_ext4dev-kmp-def4.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1540
File : nvt/RHSA_2009_1540.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1548
File : nvt/RHSA_2009_1548.nasl
2009-11-11 Name : Debian Security Advisory DSA 1927-1 (linux-2.6)
File : nvt/deb_1927_1.nasl
2009-11-11 Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24)
File : nvt/deb_1928_1.nasl
2009-11-11 Name : Debian Security Advisory DSA 1929-1 (linux-2.6)
File : nvt/deb_1929_1.nasl
2009-11-11 Name : Fedora Core 11 FEDORA-2009-11032 (kernel)
File : nvt/fcore_2009_11032.nasl
2009-11-11 Name : Fedora Core 10 FEDORA-2009-11038 (kernel)
File : nvt/fcore_2009_11038.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1548 (kernel)
File : nvt/ovcesa2009_1548.nasl
2009-10-27 Name : RedHat Security Advisory RHSA-2009:1522
File : nvt/RHSA_2009_1522.nasl
2009-10-27 Name : CentOS Security Advisory CESA-2009:1522 (kernel)
File : nvt/ovcesa2009_1522.nasl
2009-10-11 Name : SLES11: Security update for KVM
File : nvt/sles11_kvm.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5020541.nasl
2009-09-02 Name : Debian Security Advisory DSA 1872-1 (linux-2.6)
File : nvt/deb_1872_1.nasl
2009-08-17 Name : Debian Security Advisory DSA 1845-1 (linux-2.6)
File : nvt/deb_1845_1.nasl
2009-08-17 Name : Debian Security Advisory DSA 1846-1 (kvm)
File : nvt/deb_1846_1.nasl
2009-04-09 Name : Mandriva Update for kernel MDKSA-2007:195 (kernel)
File : nvt/gb_mandriva_MDKSA_2007_195.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:105 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_105.nasl
2009-03-23 Name : Ubuntu Update for linux-source-2.6.15/17/20 vulnerabilities USN-518-1
File : nvt/gb_ubuntu_USN_518_1.nasl
2009-02-27 Name : Fedora Update for kernel FEDORA-2007-2298
File : nvt/gb_fedora_2007_2298_kernel_fc7.nasl
2009-01-28 Name : SuSE Update for kernel SUSE-SA:2007:053
File : nvt/gb_suse_2007_053.nasl
2009-01-28 Name : SuSE Update for kernel SUSE-SA:2007:064
File : nvt/gb_suse_2007_064.nasl
2008-02-28 Name : Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))
File : nvt/deb_1504_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1378-1 (linux-2.6)
File : nvt/deb_1378_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1378-2 (linux-2.6)
File : nvt/deb_1378_2.nasl
2008-01-17 Name : Debian Security Advisory DSA 1381-1 (linux-2.6)
File : nvt/deb_1381_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1381-2 (linux-2.6)
File : nvt/deb_1381_2.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-240-06 xorg-server
File : nvt/esoft_slk_ssa_2010_240_06.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
68213 Linux Kernel on 64-bit include/asm/compat.h compat_alloc_user_space Function ...

68192 Linux Kernel on x86_64 arch/x86/ia32/ia32entry.S IA32 System Call Emulation O...

68176 Linux Kernel sound/core/seq/oss/seq_oss_init.c snd_seq_oss_open Function Doub...

67893 Linux Kernel eCryptfs Subsystem fs/ecryptfs/messaging.c ecryptfs_uid_hash Mac...

67366 Linux Kernel fs/gfs2/dir.c gfs2_dirent_find_space Function GFS2 File System R...

67335 Linux Kernel Controller Area Network net/can/bcm.c Broadcast Manager Implemen...

67334 Linux Kernel drivers/gpu/drm/drm_drv.c drm_ioctl() Function Crafted IOCTL Ker...

67244 Linux Kernel fs/cifs/cifssmb.c CIFSSMBWrite() SMB Response Packet Handling R...

67243 Linux Kernel fs/nfsd/nfs4xdr.c NFS XDR Compound Request Handling Overflow

67237 Linux Kernel mm/memory.c do_anonymous_page Function Shared Memory Segment Bot...

65631 Linux Kernel fs/xfs/xfs_dfrag.c xfs_swapext() Function Crafted IOCTL Local Ac...

65136 Linux Kernel mm/shmem.c knfsd shmemfs Object Export DoS

64557 Linux Kernel net/sctp/sm_make_chunk.c sctp_process_unk_param Function SCTPChu...

63897 Linux Kernel drivers/char/tty_io.c release_one_tty() Function Memory Exhausti...

63630 Linux Kernel fs/namei.c NFS Automount Symlink LOOKUP_FOLLOW Unspecified Issue

63452 Linux Kernel Transparent Inter-Process Communication (TIPC) AF_TIPC Datagram ...

62380 Linux Kernel kernel/futex.c wake_futex_pi Function Local DoS

62168 Linux Kernel mm/migrate.c do_pages_move() Function Local DoS

61035 Linux Kernel fs/ext4/super.c ext4_decode_error Function DoS

59477 Linux Kernel KVM Subsystem arch/x86/kvm/vmx.c handle_dr Function CPL Verifica...

59211 Linux Kernel ATI Rage 128 Driver CCE NULL Dereference Local Privilege Escalation

59070 Linux Kernel tc Subsystem net/sched/sch_api.c tc_fill_tclass Function Local M...

57821 Linux Kernel net/sched/sch_api.c tc_fill_tclass() Function Kernel Memory Disc...

57210 Linux Kernel drivers/parisc/eisa_eeprom.c eisa_eeprom_read Function Local Mem...

55567 Linux Kernel KVM on x86 kvm_arch_vcpu_ioctl_set_sregs Function Crafted CR3 Va...

37287 Linux Kernel on x86_64 IA32 System Call Emulation %RAX Register Local Privile...

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545
2011-06-09 IAVM : 2011-A-0075 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0028311
2011-05-12 IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158
2010-09-23 IAVM : 2010-B-0085 - Linux Kernel Privilege Escalation Vulnerability
Severity : Category I - VMSKEY : V0025410
2010-01-07 IAVM : 2010-A-0001 - Multiple Vulnerabilities in Linux Kernel
Severity : Category I - VMSKEY : V0022180

Snort® IPS/IDS

Date Description
2014-01-10 Linux kernel IA32 out-of-bounds system call attempt
RuleID : 24371 - Revision : 5 - Type : OS-LINUX
2014-01-10 Linux kernel IA32 out-of-bounds system call attempt
RuleID : 24370 - Revision : 6 - Type : OS-LINUX
2014-01-10 Linux kernel sctp_process_unk_param SCTPChunkInit buffer overflow attempt
RuleID : 16724 - Revision : 7 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0017_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0007_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16471.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0033.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_Kernel-100824.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-100915.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_xorg-x11-Xvnc-100819.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0936.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0937.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2007-0938.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1522.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1670.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1671.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0126.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0147.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0474.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0504.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0606.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0661.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0676.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0704.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0718.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2013-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO
2013-03-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091103_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xorg-x11-server-dmx-120410.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xorg-x11-server-rdp-120410.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0126.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0660.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0670.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0677.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0705.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0711.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0719.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0893.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0907.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20070927_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091022_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091215_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091215_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100301_kvm_on_SL5_4.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100316_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100615_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100701_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100805_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100810_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100907_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100921_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101110_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-4472.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-4745.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6697.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6730.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7015.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7137.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7164.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO
2011-06-06 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0009.nasl - Type : ACT_GATHER_INFO
2011-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-265-01.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-101020.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-04-29 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2011-03-25 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO
2011-03-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100109.nasl - Type : ACT_GATHER_INFO
2011-02-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100618.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100903.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100921.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xorg-x11-Xvnc-100819.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2011-01-11 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO
2010-12-17 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-257.nasl - Type : ACT_GATHER_INFO
2010-12-14 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO
2010-12-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-247.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100709.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100920.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-101020.nasl - Type : ACT_GATHER_INFO
2010-12-01 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0017.nasl - Type : ACT_GATHER_INFO
2010-11-18 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0842.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0016.nasl - Type : ACT_GATHER_INFO
2010-10-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6694.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7133.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7160.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xorg-x11-Xvnc-7126.nasl - Type : ACT_GATHER_INFO
2010-10-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0718.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0718.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12638.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-100921.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO
2010-09-23 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12646.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0704.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14832.nasl - Type : ACT_GATHER_INFO
2010-09-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0704.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14878.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Fedora host is missing a security update.
File : fedora_2010-14890.nasl - Type : ACT_GATHER_INFO
2010-09-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO
2010-09-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-988-1.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0676.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO
2010-09-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0676.nasl - Type : ACT_GATHER_INFO
2010-09-03 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13903.nasl - Type : ACT_GATHER_INFO
2010-08-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO
2010-08-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-240-06.nasl - Type : ACT_GATHER_INFO
2010-08-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0606.nasl - Type : ACT_GATHER_INFO
2010-08-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12636.nasl - Type : ACT_GATHER_INFO
2010-08-27 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-974-2.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0474.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13058.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote Fedora host is missing a security update.
File : fedora_2010-13110.nasl - Type : ACT_GATHER_INFO
2010-08-23 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2094.nasl - Type : ACT_GATHER_INFO
2010-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-974-1.nasl - Type : ACT_GATHER_INFO
2010-08-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2010-08-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0610.nasl - Type : ACT_GATHER_INFO
2010-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0606.nasl - Type : ACT_GATHER_INFO
2010-08-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-966-1.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-066.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-088.nasl - Type : ACT_GATHER_INFO
2010-07-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0504.nasl - Type : ACT_GATHER_INFO
2010-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-100709.nasl - Type : ACT_GATHER_INFO
2010-07-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0504.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1787.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1804.nasl - Type : ACT_GATHER_INFO
2010-06-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0474.nasl - Type : ACT_GATHER_INFO
2010-06-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-947-1.nasl - Type : ACT_GATHER_INFO
2010-06-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-947-2.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-05-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2053.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0147.nasl - Type : ACT_GATHER_INFO
2010-05-07 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7011.nasl - Type : ACT_GATHER_INFO
2010-03-23 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-100317.nasl - Type : ACT_GATHER_INFO
2010-03-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0147.nasl - Type : ACT_GATHER_INFO
2010-03-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-914-1.nasl - Type : ACT_GATHER_INFO
2010-03-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2012.nasl - Type : ACT_GATHER_INFO
2010-03-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-100301.nasl - Type : ACT_GATHER_INFO
2010-03-05 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-03-04 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0126.nasl - Type : ACT_GATHER_INFO
2010-03-03 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-100223.nasl - Type : ACT_GATHER_INFO
2010-03-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100223.nasl - Type : ACT_GATHER_INFO
2010-03-02 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2005.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1845.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1846.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1872.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1927.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1928.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1929.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1962.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1996.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2003.nasl - Type : ACT_GATHER_INFO
2010-02-18 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12578.nasl - Type : ACT_GATHER_INFO
2010-02-16 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-100203.nasl - Type : ACT_GATHER_INFO
2010-02-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-894-1.nasl - Type : ACT_GATHER_INFO
2010-01-15 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-100107.nasl - Type : ACT_GATHER_INFO
2010-01-15 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100108.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1670.nasl - Type : ACT_GATHER_INFO
2010-01-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-091218.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6726.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1671.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1670.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1671.nasl - Type : ACT_GATHER_INFO
2009-12-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-864-1.nasl - Type : ACT_GATHER_INFO
2009-12-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-091123.nasl - Type : ACT_GATHER_INFO
2009-12-01 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-091123.nasl - Type : ACT_GATHER_INFO
2009-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11032.nasl - Type : ACT_GATHER_INFO
2009-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11038.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2009-10-27 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1522.nasl - Type : ACT_GATHER_INFO
2009-10-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1522.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-852-1.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kvm-090806.nasl - Type : ACT_GATHER_INFO
2009-07-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-807-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-105.nasl - Type : ACT_GATHER_INFO
2008-02-25 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1504.nasl - Type : ACT_GATHER_INFO
2008-01-08 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4752.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-4471.nasl - Type : ACT_GATHER_INFO
2007-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-4741.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-518-1.nasl - Type : ACT_GATHER_INFO
2007-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2007-2298.nasl - Type : ACT_GATHER_INFO
2007-10-25 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-195.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4473.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4487.nasl - Type : ACT_GATHER_INFO
2007-10-17 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-4503.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0936.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0937.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2007-0938.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1378.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1381.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0936.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0937.nasl - Type : ACT_GATHER_INFO
2007-10-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2007-0938.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote Fedora Core host is missing a security update.
File : fedora_2007-712.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:41:47
  • Multiple Updates