Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel vulnerabilities
Informations
Name USN-1186-1 First vendor Publication 2011-08-09
Vendor Ubuntu Last vendor Modification 2011-08-09
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 8.04 LTS

Summary:

Multiple kernel flaws have been fixed.

Software Description: - linux: Linux kernel

Details:

Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4073)

Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. (CVE-2010-4165)

Vladymyr Denysov discovered that Xen virtual CD-ROM devices were not handled correctly. A local attacker in a guest could make crafted blkback requests that would crash the host, leading to a denial of service. (CVE-2010-4238)

Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. (CVE-2010-4249)

Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)

Dan Rosenberg discovered that XFS did not correctly initialize memory. A local attacker could make crafted ioctl calls to leak portions of kernel stack memory, leading to a loss of privacy. (CVE-2011-0711)

Timo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010)

Neil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. (CVE-2011-1090)

Vasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)

Vasiliy Kulikov discovered that the Acorn Universal Networking driver did not correctly initialize memory. A remote attacker could send specially crafted traffic to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1173)

Vasiliy Kulikov discovered that taskstats listeners were not correctly handled. A local attacker could expoit this to exhaust memory and CPU resources, leading to a denial of service. (CVE-2011-2484)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04 LTS:
linux-image-2.6.24-29-386 2.6.24-29.92
linux-image-2.6.24-29-generic 2.6.24-29.92
linux-image-2.6.24-29-hppa32 2.6.24-29.92
linux-image-2.6.24-29-hppa64 2.6.24-29.92
linux-image-2.6.24-29-itanium 2.6.24-29.92
linux-image-2.6.24-29-lpia 2.6.24-29.92
linux-image-2.6.24-29-lpiacompat 2.6.24-29.92
linux-image-2.6.24-29-mckinley 2.6.24-29.92
linux-image-2.6.24-29-openvz 2.6.24-29.92
linux-image-2.6.24-29-powerpc 2.6.24-29.92
linux-image-2.6.24-29-powerpc-smp 2.6.24-29.92
linux-image-2.6.24-29-powerpc64-smp 2.6.24-29.92
linux-image-2.6.24-29-rt 2.6.24-29.92
linux-image-2.6.24-29-server 2.6.24-29.92
linux-image-2.6.24-29-sparc64 2.6.24-29.92
linux-image-2.6.24-29-sparc64-smp 2.6.24-29.92
linux-image-2.6.24-29-virtual 2.6.24-29.92
linux-image-2.6.24-29-xen 2.6.24-29.92

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1186-1
CVE-2010-4073, CVE-2010-4165, CVE-2010-4238, CVE-2010-4249,
CVE-2010-4649, CVE-2011-0711, CVE-2011-1010, CVE-2011-1044,
CVE-2011-1090, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172,
CVE-2011-1173, CVE-2011-2484, CVE-2011-2534

Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.24-29.92

Original Source

Url : http://www.ubuntu.com/usn/USN-1186-1

CWE : Common Weakness Enumeration

% Id Name
43 % CWE-200 Information Exposure
14 % CWE-399 Resource Management Errors
14 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
7 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
7 % CWE-369 Divide By Zero
7 % CWE-264 Permissions, Privileges, and Access Controls
7 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12770
 
Oval ID: oval:org.mitre.oval:def:12770
Title: USN-1074-1 -- linux-fsl-imx51 vulnerabilities
Description: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1074-1
CVE-2009-4895
CVE-2010-2066
CVE-2010-2226
CVE-2010-2240
CVE-2010-2248
CVE-2010-2478
CVE-2010-3084
CVE-2010-2495
CVE-2010-2521
CVE-2010-2524
CVE-2010-2538
CVE-2010-2798
CVE-2010-2803
CVE-2010-2942
CVE-2010-3477
CVE-2010-2943
CVE-2010-2946
CVE-2010-2954
CVE-2010-2955
CVE-2010-2959
CVE-2010-2962
CVE-2010-2963
CVE-2010-3015
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3081
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3301
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3448
CVE-2010-3698
CVE-2010-3705
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-3858
CVE-2010-3861
CVE-2010-3904
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4165
CVE-2010-4169
CVE-2010-4249
Version: 5
Platform(s): Ubuntu 9.10
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12842
 
Oval ID: oval:org.mitre.oval:def:12842
Title: USN-1073-1 -- linux, linux-ec2 vulnerabilities
Description: Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the VIA video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. James Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to crash the kernel, or possibly gain root privileges. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1073-1
CVE-2010-0435
CVE-2010-3448
CVE-2010-3698
CVE-2010-3859
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-4073
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4160
CVE-2010-4165
CVE-2010-4169
CVE-2010-4248
CVE-2010-4249
Version: 5
Platform(s): Ubuntu 9.10
Product(s): linux
linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13363
 
Oval ID: oval:org.mitre.oval:def:13363
Title: USN-1074-2 -- linux-fsl-imx51 vulnerabilities
Description: USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1074-2
CVE-2010-3904
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-3301
CVE-2010-3081
CVE-2009-4895
CVE-2010-2066
CVE-2010-2226
CVE-2010-2248
CVE-2010-2478
CVE-2010-3084
CVE-2010-2495
CVE-2010-2521
CVE-2010-2524
CVE-2010-2538
CVE-2010-2798
CVE-2010-2942
CVE-2010-3477
CVE-2010-2943
CVE-2010-2946
CVE-2010-2954
CVE-2010-2955
CVE-2010-2962
CVE-2010-2963
CVE-2010-3015
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3448
CVE-2010-3698
CVE-2010-3705
CVE-2010-3858
CVE-2010-3861
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4165
CVE-2010-4169
CVE-2010-4249
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14810
 
Oval ID: oval:org.mitre.oval:def:14810
Title: USN-1186-1 -- Linux kernel vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1186-1
CVE-2010-4073
CVE-2010-4165
CVE-2010-4238
CVE-2010-4249
CVE-2010-4649
CVE-2011-1044
CVE-2011-0711
CVE-2011-1010
CVE-2011-1090
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-2534
CVE-2011-1173
CVE-2011-2484
Version: 5
Platform(s): Ubuntu 8.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19711
 
Oval ID: oval:org.mitre.oval:def:19711
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0711
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19779
 
Oval ID: oval:org.mitre.oval:def:19779
Title: VMware vSphere and vCOps updates to third party libraries
Description: The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2484
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19982
 
Oval ID: oval:org.mitre.oval:def:19982
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4073
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20210
 
Oval ID: oval:org.mitre.oval:def:20210
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1170
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20307
 
Oval ID: oval:org.mitre.oval:def:20307
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4238
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20313
 
Oval ID: oval:org.mitre.oval:def:20313
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1090
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20410
 
Oval ID: oval:org.mitre.oval:def:20410
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1010
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20444
 
Oval ID: oval:org.mitre.oval:def:20444
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1172
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20528
 
Oval ID: oval:org.mitre.oval:def:20528
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4649
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20548
 
Oval ID: oval:org.mitre.oval:def:20548
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1171
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20550
 
Oval ID: oval:org.mitre.oval:def:20550
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1044
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20611
 
Oval ID: oval:org.mitre.oval:def:20611
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4249
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25739
 
Oval ID: oval:org.mitre.oval:def:25739
Title: SUSE-SU-2013:1832-1 -- Security update for Linux kernel
Description: The SUSE Linux Enterprise Server 10 SP3 LTSS kernel received a roll up update to fix lots of moderate security issues and several bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1832-1
CVE-2012-4530
CVE-2011-2494
CVE-2013-2234
CVE-2013-2237
CVE-2013-2147
CVE-2013-2141
CVE-2013-0160
CVE-2012-6537
CVE-2013-3222
CVE-2013-3223
CVE-2013-3224
CVE-2013-3228
CVE-2013-3229
CVE-2013-3231
CVE-2013-3232
CVE-2013-3234
CVE-2013-3235
CVE-2013-1827
CVE-2012-6549
CVE-2012-6547
CVE-2012-6546
CVE-2012-6544
CVE-2012-6545
CVE-2012-6542
CVE-2012-6541
CVE-2012-6540
CVE-2013-0914
CVE-2011-2492
CVE-2013-2206
CVE-2012-6539
CVE-2013-2232
CVE-2013-2164
CVE-2012-4444
CVE-2013-1928
CVE-2013-0871
CVE-2013-0268
CVE-2012-3510
CVE-2011-4110
CVE-2012-2136
CVE-2009-4020
CVE-2011-2928
CVE-2011-4077
CVE-2011-4324
CVE-2011-4330
CVE-2011-1172
CVE-2011-2525
CVE-2011-2699
CVE-2011-1171
CVE-2011-1170
CVE-2011-3209
CVE-2011-2213
CVE-2010-3880
CVE-2011-2534
CVE-2011-2203
CVE-2009-4067
CVE-2011-3363
CVE-2011-2484
CVE-2011-4132
CVE-2010-4249
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): Linux kernel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Os 1
Os 1
Os 1393
Os 2
Os 1
Os 1
Os 1
Os 1
Os 1
Os 1
Os 2
Os 1
Os 3
Os 1

ExploitDB Exploits

id Description
2011-09-05 Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit
2011-03-10 Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
2011-03-02 Linux Kernel <= 2.6.37 Local Kernel Denial of Service

OpenVAS Exploits

Date Description
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel)
File : nvt/gb_suse_2012_0206_1.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel)
File : nvt/gb_suse_2012_0236_1.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64
File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64
File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64
File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64
File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64
File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1350-01
File : nvt/gb_RHSA-2011_1350-01_kernel.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:0283-01
File : nvt/gb_RHSA-2011_0283-01_kernel.nasl
2012-06-06 Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01
File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0498-01
File : nvt/gb_RHSA-2011_0498-01_kernel.nasl
2012-06-05 Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-21 Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-21 Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-09-30 Name : Ubuntu Update for linux-ec2 USN-1216-1
File : nvt/gb_ubuntu_USN_1216_1.nasl
2011-09-30 Name : Ubuntu Update for linux USN-1218-1
File : nvt/gb_ubuntu_USN_1218_1.nasl
2011-09-23 Name : Ubuntu Update for linux-ti-omap4 USN-1212-1
File : nvt/gb_ubuntu_USN_1212_1.nasl
2011-09-16 Name : Ubuntu Update for linux USN-1201-1
File : nvt/gb_ubuntu_USN_1201_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1203-1
File : nvt/gb_ubuntu_USN_1203_1.nasl
2011-09-16 Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-09-16 Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1
File : nvt/gb_ubuntu_USN_1204_1.nasl
2011-09-16 Name : Ubuntu Update for linux-lts-backport-maverick USN-1205-1
File : nvt/gb_ubuntu_USN_1205_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1208-1
File : nvt/gb_ubuntu_USN_1208_1.nasl
2011-08-27 Name : Fedora Update for kernel FEDORA-2011-11103
File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl
2011-08-24 Name : Ubuntu Update for linux USN-1193-1
File : nvt/gb_ubuntu_USN_1193_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1183-1
File : nvt/gb_ubuntu_USN_1183_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1186-1
File : nvt/gb_ubuntu_USN_1186_1.nasl
2011-08-12 Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0833 centos5 i386
File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0429 centos5 i386
File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0303 centos5 i386
File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0927 centos5 i386
File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-18 Name : RedHat Update for kernel RHSA-2011:0927-01
File : nvt/gb_RHSA-2011_0927-01_kernel.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1168-1
File : nvt/gb_ubuntu_USN_1168_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-07-18 Name : Ubuntu Update for linux-ec2 USN-1161-1
File : nvt/gb_ubuntu_USN_1161_1.nasl
2011-07-18 Name : Ubuntu Update for linux-mvl-dove USN-1159-1
File : nvt/gb_ubuntu_USN_1159_1.nasl
2011-07-08 Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1
File : nvt/gb_ubuntu_USN_1164_1.nasl
2011-07-08 Name : Ubuntu Update for linux-mvl-dove USN-1162-1
File : nvt/gb_ubuntu_USN_1162_1.nasl
2011-07-08 Name : Ubuntu Update for linux USN-1160-1
File : nvt/gb_ubuntu_USN_1160_1.nasl
2011-06-24 Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-06-20 Name : Fedora Update for kernel FEDORA-2011-7551
File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl
2011-06-06 Name : RedHat Update for kernel RHSA-2011:0833-01
File : nvt/gb_RHSA-2011_0833-01_kernel.nasl
2011-06-06 Name : Ubuntu Update for linux USN-1141-1
File : nvt/gb_ubuntu_USN_1141_1.nasl
2011-06-03 Name : Ubuntu Update for linux USN-1133-1
File : nvt/gb_ubuntu_USN_1133_1.nasl
2011-05-17 Name : Fedora Update for kernel FEDORA-2011-6541
File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl
2011-05-10 Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1
File : nvt/gb_ubuntu_USN_1111_1.nasl
2011-05-10 Name : Ubuntu Update for linux-ti-omap4 USN-1119-1
File : nvt/gb_ubuntu_USN_1119_1.nasl
2011-05-06 Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22 Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl
2011-04-19 Name : RedHat Update for kernel RHSA-2011:0429-01
File : nvt/gb_RHSA-2011_0429-01_kernel.nasl
2011-03-15 Name : Fedora Update for kernel FEDORA-2011-2134
File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl
2011-03-07 Name : Debian Security Advisory DSA 2153-1 (linux-2.6)
File : nvt/deb_2153_1.nasl
2011-03-07 Name : RedHat Update for kernel RHSA-2011:0303-01
File : nvt/gb_RHSA-2011_0303-01_kernel.nasl
2011-03-07 Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1
File : nvt/gb_ubuntu_USN_1083_1.nasl
2011-03-07 Name : Ubuntu Update for linux vulnerabilities USN-1081-1
File : nvt/gb_ubuntu_USN_1081_1.nasl
2011-03-07 Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2
File : nvt/gb_ubuntu_USN_1080_2.nasl
2011-03-07 Name : Ubuntu Update for linux vulnerabilities USN-1080-1
File : nvt/gb_ubuntu_USN_1080_1.nasl
2011-02-28 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1
File : nvt/gb_ubuntu_USN_1073_1.nasl
2011-02-18 Name : Mandriva Update for kernel MDVSA-2011:029 (kernel)
File : nvt/gb_mandriva_MDVSA_2011_029.nasl
2011-02-16 Name : SuSE Update for kernel SUSE-SA:2011:008
File : nvt/gb_suse_2011_008.nasl
2011-02-11 Name : Fedora Update for kernel FEDORA-2011-1138
File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl
2011-02-04 Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1
File : nvt/gb_ubuntu_USN_1054_1.nasl
2011-01-31 Name : CentOS Update for kernel CESA-2011:0162 centos4 i386
File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl
2011-01-24 Name : Debian Security Advisory DSA 2126-1 (linux-2.6)
File : nvt/deb_2126_1.nasl
2011-01-21 Name : RedHat Update for kernel RHSA-2011:0162-01
File : nvt/gb_RHSA-2011_0162-01_kernel.nasl
2011-01-14 Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01
File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2011:001
File : nvt/gb_suse_2011_001.nasl
2011-01-11 Name : SuSE Update for kernel SUSE-SA:2011:002
File : nvt/gb_suse_2011_002.nasl
2010-12-28 Name : Fedora Update for kernel FEDORA-2010-18983
File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl
2010-12-23 Name : Fedora Update for kernel FEDORA-2010-18506
File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18432
File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18493
File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
73451 Linux Kernel kernel/taskstats.c add_del_listener Function Exit Handler Regist...

73298 Linux Kernel on x86_64 net/econet/af_econet.c econet_sendmsg Function AUN Pac...

73297 Linux Kernel IPv6 net/ipv6/netfilter/ip6_tables.c CAP_NET_ADMIN Missing Null ...

73296 Linux Kernel IPv4 net/ipv4/netfilter/ip_tables.c CAP_NET_ADMIN Missing Null C...

73295 Linux Kernel IPv4 net/ipv4/netfilter/arp_tables.c CAP_NET_ADMIN Missing Null ...

73293 Linux Kernel net/ipv4/netfilter/ipt_CLUSTERIP.c clusterip_proc_write Function...

73041 Linux Kernel fs/nfs/nfs4proc.c __nfs4_proc_set_acl Function kmalloc NFSv4 ACL...

72996 Linux Kernel fs/partitions/mac.c mac_partition Function Mac OS Partition Tabl...

72993 Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ...

71649 Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ...

70950 Linux Kernel fs/xfs/xfs_fsops.c xfs_fs_geometry() Local Memory Disclosure

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the 'xfs_fs_geometry()' function in 'fs/xfs/xfs_fsops.c' fails to properly initialize the 'logsunit' member of the 'xfs_fsop_geom_t' structure, which will disclose kernel stack memory to a local attacker.
70660 Linux Kernel on RHEL Xen vbd_create Function blkback Driver Virtual CD-ROM De...

The 'vbd_create' function in Xen allows guest OS users to cause a denial of service when attempting to access a virtual CD-ROM through the blkback driver.
69531 Linux Kernel ipc Subsystem ipc/compat_mq.c Multiple Function Local Memory Dis...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_mq_open' and 'compat_sys_mq_getsetattr' functions in 'ipc/compat_mq.c'.
69530 Linux Kernel ipc Subsystem ipc/compat.c Multiple Function Local Memory Disclo...

Linux Kernel contains a flaw that may lead to an unauthorized information disclosure.  The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_semctl', 'compat_sys_msgctl', and 'compat_sys_shmctl' functions in 'ipc/compat.c'.
69527 Linux Kernel net/unix/garbage.c wait_for_unix_gc Function SOCK_SEQPACKET Sock...

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'wait_for_unix_gc' function in 'net/unix/garbage.c' fails to properly select times for garbage collection of inflight sockets, allowing a local attacker to cause a denial of service via the 'socketpair' and 'sendmsg' system calls for SOCK_SEQPACKET sockets.
69241 Linux Kernel TCP MSS Divide-by-zero DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a user program passes a malformed TCP_MAXSEG value to tcp_select_initial_window, causing a divide-by-zero, resulting in loss of availability for the system.

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-09-27 IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-09-13 IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0033794
2012-02-02 IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2016-02-29 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2016.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2029.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0883.nasl - Type : ACT_GATHER_INFO
2012-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO
2012-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO
2012-08-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO
2012-04-23 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12677.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO
2011-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO
2011-09-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO
2011-09-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1201-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1205-1.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO
2011-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-08-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO
2011-07-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO
2011-07-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO
2011-07-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-07-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO
2011-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO
2011-06-30 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO
2011-06-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO
2011-06-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2011-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO
2011-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO
2011-04-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO
2011-04-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2011-03-25 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO
2011-03-09 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO
2011-03-08 Name : The remote Fedora host is missing a security update.
File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO
2011-03-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO
2011-03-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO
2011-03-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO
2011-02-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO
2011-02-11 Name : The remote Fedora host is missing a security update.
File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO
2011-02-11 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12672.nasl - Type : ACT_GATHER_INFO
2011-02-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO
2011-01-31 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO
2011-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO
2011-01-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2010-12-26 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO
2010-12-14 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO
2010-12-08 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO
2010-12-06 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote Fedora host is missing a security update.
File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO
2010-11-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:58:51
  • Multiple Updates