Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel (Maverick backport) vulnerabilities
Informations
NameUSN-1187-1First vendor Publication2011-08-09
VendorUbuntuLast vendor Modification2011-08-09
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Multiple kernel flaws have been fixed.

Software Description: - linux-lts-backport-maverick: Linux kernel backport from Maverick

Details:

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3865)

Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)

Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3876)

Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)

Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880)

Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2010-3881)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)

Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)

Dan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4083)

Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668)

It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4248)

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2010-4342)

Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. (CVE-2010-4346)

Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. (CVE-2010-4527)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)

Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. (CVE-2010-4565)

Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)

Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2010-4656)

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. (CVE-2011-0463)

Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. If the dvb-ttpci module was loaded, a local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-0521)

Jens Kuehnel discovered that the InfiniBand driver contained a race condition. On systems using InfiniBand, a local attacker could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2011-0695)

Dan Rosenberg discovered that XFS did not correctly initialize memory. A local attacker could make crafted ioctl calls to leak portions of kernel stack memory, leading to a loss of privacy. (CVE-2011-0711)

Rafael Dominguez Vega discovered that the caiaq Native Instruments USB driver did not correctly validate string lengths. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2011-0712)

Kees Cook reported that /proc/pid/stat did not correctly filter certain memory locations. A local attacker could determine the memory layout of processes in an attempt to increase the chances of a successful memory corruption exploit. (CVE-2011-0726)

Timo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010)

Timo Warns discovered that LDM partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1012)

Matthiew Herrb discovered that the drm modeset interface did not correctly handle a signed comparison. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1013)

Marek Olšák discovered that the Radeon GPU drivers did not correctly validate certain registers. On systems with specific hardware, a local attacker could exploit this to write to arbitrary video memory. (CVE-2011-1016)

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. (CVE-2011-1017)

Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not needed to load kernel modules. A local attacker with the CAP_NET_ADMIN capability could load existing kernel modules, possibly increasing the attack surface available on the system. (CVE-2011-1019)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1078)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1079)

Vasiliy Kulikov discovered that bridge network filtering did not check that name fields were NULL terminated. A local attacker could exploit this to leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1080)

Nelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would hang the system, leading to a denial of service. (CVE-2011-1082)

Neil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. (CVE-2011-1090)

Johan Hovold discovered that the DCCP network stack did not correctly handle certain packet combinations. A remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2011-1093)

Peter Huewe discovered that the TPM device did not correctly initialize memory. A local attacker could exploit this to read kernel heap memory contents, leading to a loss of privacy. (CVE-2011-1160)

Timo Warns discovered that OSF partition parsing routines did not correctly clear memory. A local attacker with physical access could plug in a specially crafted block device to read kernel memory, leading to a loss of privacy. (CVE-2011-1163)

Dan Rosenberg discovered that some ALSA drivers did not correctly check the adapter index during ioctl calls. If this driver was loaded, a local attacker could make a specially crafted ioctl call to gain root privileges. (CVE-2011-1169)

Vasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)

Vasiliy Kulikov discovered that the Acorn Universal Networking driver did not correctly initialize memory. A remote attacker could send specially crafted traffic to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1173)

Dan Rosenberg discovered that the IRDA subsystem did not correctly check certain field sizes. If a system was using IRDA, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-1180)

Julien Tinnes discovered that the kernel did not correctly validate the signal structure from tkill(). A local attacker could exploit this to send signals to arbitrary threads, possibly bypassing expected restrictions. (CVE-2011-1182)

Ryan Sweat discovered that the GRO code did not correctly validate memory. In some configurations on systems using VLANs, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1478)

Dan Rosenberg discovered that MPT devices did not correctly validate certain values in ioctl calls. If these drivers were loaded, a local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2011-1494, CVE-2011-1495)

Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1577)

Tavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1593)

Oliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1598, CVE-2011-1748)

Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl values. A local attacker with access to the video subsystem could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-1745, CVE-2011-2022)

Vasiliy Kulikov discovered that the AGP driver did not check the size of certain memory allocations. A local attacker with access to the video subsystem could exploit this to run the system out of memory, leading to a denial of service. (CVE-2011-1746)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.35-30-generic 2.6.35-30.56~lucid1
linux-image-2.6.35-30-generic-pae 2.6.35-30.56~lucid1
linux-image-2.6.35-30-server 2.6.35-30.56~lucid1
linux-image-2.6.35-30-virtual 2.6.35-30.56~lucid1

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
http://www.ubuntu.com/usn/usn-1187-1
CVE-2010-3698, CVE-2010-3865, CVE-2010-3875, CVE-2010-3876,
CVE-2010-3877, CVE-2010-3880, CVE-2010-3881, CVE-2010-4075,
CVE-2010-4076, CVE-2010-4077, CVE-2010-4079, CVE-2010-4083,
CVE-2010-4163, CVE-2010-4248, CVE-2010-4342, CVE-2010-4346,
CVE-2010-4527, CVE-2010-4529, CVE-2010-4565, CVE-2010-4649,
CVE-2010-4656, CVE-2010-4668, CVE-2011-0463, CVE-2011-0521,
CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-0726,
CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016,
CVE-2011-1017, CVE-2011-1019, CVE-2011-1044, CVE-2011-1078,
CVE-2011-1079, CVE-2011-1080, CVE-2011-1082, CVE-2011-1090,

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-backport-maverick/2.6.35-30.56~lucid1

Original Source

Url : http://www.ubuntu.com/usn/USN-1187-1

CWE : Common Weakness Enumeration

%idName
29 %CWE-200Information Exposure
21 %CWE-20Improper Input Validation
16 %CWE-189Numeric Errors (CWE/SANS Top 25)
16 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
12 %CWE-399Resource Management Errors
3 %CWE-362Race Condition
3 %CWE-264Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13699
 
Oval ID: oval:org.mitre.oval:def:13699
Title: USN-1111-1 -- linux-source-2.6.15 vulnerabilities
Description: linux-source-2.6.15: Linux kernel Multiple flaws fixed in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1111-1
CVE-2010-4164
CVE-2010-4249
CVE-2010-4258
CVE-2010-4342
CVE-2010-4527
CVE-2010-4529
CVE-2011-0521
CVE-2011-0695
CVE-2011-1017
Version: 5
Platform(s): Ubuntu 6.06
Product(s): linux-source-2.6.15
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19610
 
Oval ID: oval:org.mitre.oval:def:19610
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0521
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14006
 
Oval ID: oval:org.mitre.oval:def:14006
Title: USN-1133-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple flaws in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1133-1
CVE-2010-4342
CVE-2010-4527
CVE-2010-4529
CVE-2011-0521
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12874
 
Oval ID: oval:org.mitre.oval:def:12874
Title: DSA-2153-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that allows virtual machines to cause a denial of service of the host machine by executing mov to/from DR instructions. CVE-2010-3699 Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can cause a denial of service on the host by retaining a leaked reference to a device. This can result in a zombie domain, xenwatch process hangs, and xm command failures. CVE-2010-4158 Dan Rosenberg discovered an issue in the socket filters subsystem, allowing local unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-4162 Dan Rosenberg discovered an overflow issue in the block I/O subsystem that allows local users to map large numbers of pages, resulting in a denial of service due to invocation of the out of memory killer. CVE-2010-4163 Dan Rosenberg discovered an issue in the block I/O subsystem. Due to improper validation of iov segments, local users can trigger a kernel panic resulting in a denial of service. CVE-2010-4242 Alan Cox reported an issue in the Bluetooth subsystem. Local users with sufficient permission to access HCI UART devices can cause a denial of service due to a missing check for an existing tty write operation. CVE-2010-4243 Brad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users can cause the out of memory killer to kill processes owned by other users. CVE-2010-4248 Oleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local users can cause a denial of service due to incorrect assumptions about thread group leader behavior. CVE-2010-4249 Vegard Nossum reported an issue with the UNIX socket garbage collector. Local users can consume all of LOWMEM and decrease system performance by overloading the system with inflight sockets. CVE-2010-4258 Nelson Elhage reported an issue in Linux oops handling. Local users may be able to obtain elevated privileges if they are able to trigger an oops with a process" fs set to KERNEL_DS. CVE-2010-4342 Nelson Elhage reported an issue in the econet protocol. Remote attackers can cause a denial of service by sending an Acorn Universal Networking packet over UDP. CVE-2010-4346 Tavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service vulnerability, a local user could obtain elevated privileges. CVE-2010-4526 Eugene Teo reported a race condition in the Linux SCTP implementation. Remote users can cause a denial of service by transmitting an ICMP unreachable message to a locked socket. CVE-2010-4527 Dan Rosenberg reported two issues in the OSS soundcard driver. Local users with access to the device may contain access to sensitive kernel memory or cause a buffer overflow, potentially leading to an escalation of privileges. CVE-2010-4529 Dan Rosenberg reported an issue in the Linux kernel IrDA socket implementation on non-x86 architectures. Local users may be able to gain access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES getsockopt call. CVE-2010-4565 Dan Rosenberg reported an issue in the Linux CAN protocol implementation. Local users can obtain the address of a kernel heap object which might help facilitate system exploitation. CVE-2010-4649 Dan Carpenter reported an issue in the uverb handling of the InfiniBand subsystem. A potential buffer overflow may allow local users to cause a denial of service by passing in a large cmd.ne value. CVE-2010-4656 Kees Cook reported an issue in the driver for I/O-Warrior USB devices. Local users with access to these devices maybe able to overrun kernel buffers, resulting in a denial of service or privilege escalation. CVE-2010-4668 Dan Rosenberg reported an issue in the block subsystem. A local user can cause a denial of service by submitting certain 0-length I/O requests. CVE-2011-0521 Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local users can pass a negative info->num value, corrupting kernel memory and causing a denial of service.
Family: unix Class: patch
Reference(s): DSA-2153-1
CVE-2010-0435
CVE-2010-3699
CVE-2010-4158
CVE-2010-4162
CVE-2010-4163
CVE-2010-4242
CVE-2010-4243
CVE-2010-4248
CVE-2010-4249
CVE-2010-4258
CVE-2010-4342
CVE-2010-4346
CVE-2010-4526
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4649
CVE-2010-4656
CVE-2010-4668
CVE-2011-0521
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20441
 
Oval ID: oval:org.mitre.oval:def:20441
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3865
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13949
 
Oval ID: oval:org.mitre.oval:def:13949
Title: USN-1119-1 -- linux-ti-omap4 vulnerabilities
Description: linux-ti-omap4: Linux kernel for OMAP4 devices Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1119-1
CVE-2010-3904
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-3081
CVE-2010-2954
CVE-2010-2955
CVE-2010-2960
CVE-2010-2962
CVE-2010-2963
CVE-2010-3079
CVE-2010-3080
CVE-2010-3437
CVE-2010-3705
CVE-2010-3861
CVE-2010-3865
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3881
CVE-2010-4072
CVE-2010-4079
CVE-2010-4158
CVE-2010-4164
CVE-2010-4165
CVE-2010-4249
CVE-2010-4258
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21719
 
Oval ID: oval:org.mitre.oval:def:21719
Title: RHSA-2011:0007: kernel security and bug fix update (Important)
Description: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163.
Family: unix Class: patch
Reference(s): RHSA-2011:0007-01
CVE-2010-2492
CVE-2010-3067
CVE-2010-3078
CVE-2010-3080
CVE-2010-3298
CVE-2010-3477
CVE-2010-3861
CVE-2010-3865
CVE-2010-3874
CVE-2010-3876
CVE-2010-3880
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4075
CVE-2010-4077
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4158
CVE-2010-4160
CVE-2010-4162
CVE-2010-4163
CVE-2010-4242
CVE-2010-4248
CVE-2010-4249
CVE-2010-4263
CVE-2010-4525
CVE-2010-4668
Version: 406
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13173
 
Oval ID: oval:org.mitre.oval:def:13173
Title: USN-1086-1 -- linux-ec2 vulnerabilities
Description: Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1086-1
CVE-2010-4075
CVE-2010-4158
CVE-2010-4163
CVE-2010-4668
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23550
 
Oval ID: oval:org.mitre.oval:def:23550
Title: ELSA-2011:0007: kernel security and bug fix update (Important)
Description: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163.
Family: unix Class: patch
Reference(s): ELSA-2011:0007-01
CVE-2010-2492
CVE-2010-3067
CVE-2010-3078
CVE-2010-3080
CVE-2010-3298
CVE-2010-3477
CVE-2010-3861
CVE-2010-3865
CVE-2010-3874
CVE-2010-3876
CVE-2010-3880
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4075
CVE-2010-4077
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4158
CVE-2010-4160
CVE-2010-4162
CVE-2010-4163
CVE-2010-4242
CVE-2010-4248
CVE-2010-4249
CVE-2010-4263
CVE-2010-4525
CVE-2010-4668
Version: 129
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28019
 
Oval ID: oval:org.mitre.oval:def:28019
Title: DEPRECATED: ELSA-2011-0007 -- kernel security and bug fix update (important)
Description: [2.6.32-71.14.1.0.1.el6] - replace Red Hat with Oracle in files genkey and kernel.spec
Family: unix Class: patch
Reference(s): ELSA-2011-0007
CVE-2010-3298
CVE-2010-3301
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3477
CVE-2010-3698
CVE-2010-3705
CVE-2010-3861
CVE-2010-3865
CVE-2010-3874
CVE-2010-3876
CVE-2010-3880
CVE-2010-3904
CVE-2010-4072
CVE-2010-4073
CVE-2010-4074
CVE-2010-4075
CVE-2010-4077
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-2492
CVE-2010-2803
CVE-2010-2955
CVE-2010-2962
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3081
CVE-2010-3084
CVE-2010-4158
CVE-2010-4160
CVE-2010-4162
CVE-2010-4163
CVE-2010-4242
CVE-2010-4248
CVE-2010-4249
CVE-2010-4263
CVE-2010-4525
CVE-2010-4668
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27959
 
Oval ID: oval:org.mitre.oval:def:27959
Title: ELSA-2011-2010 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important)
Description: [2.6.32-100.28.9.el6] - sync up the version [2.6.32-100.28.8.el6] - [block] check for proper length of iov entries earlier in blk_rq_map_user_iov (Xiaotian Feng) {CVE-2010-4668} - scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249} - perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg) {CVE-2010-4169} - tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller) {CVE-2010-4165} - Enable module force load option [orabug 11782146] - Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522] [2.6.32-100.28.7.el6] - build from git [2.6.32-100.28.6.el6] - Remove crashkernel option if it is present [bug 11714928]
Family: unix Class: patch
Reference(s): ELSA-2011-2010
CVE-2010-4165
CVE-2010-4169
CVE-2010-4249
CVE-2010-4668
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22207
 
Oval ID: oval:org.mitre.oval:def:22207
Title: RHSA-2010:0998: kvm security and bug fix update (Low)
Description: arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
Family: unix Class: patch
Reference(s): RHSA-2010:0998-01
CVE-2010-3881
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23262
 
Oval ID: oval:org.mitre.oval:def:23262
Title: ELSA-2010:0998: kvm security and bug fix update (Low)
Description: arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
Family: unix Class: patch
Reference(s): ELSA-2010:0998-01
CVE-2010-3881
Version: 6
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27628
 
Oval ID: oval:org.mitre.oval:def:27628
Title: DEPRECATED: ELSA-2010-0998 -- kvm security and bug fix update (low)
Description: [kvm-83-164.0.1.el5_5.30] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch to replace RHEL with OEL - Added kvm-Introduce-oel-machine-type.patch so that OEL is a recognized VM [kvm-83-164.el5_5.30] - Revert the bz#661397 patches as they are not enough - kvm-kernel-Revert-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#661397] - kvm-kernel-Revert-KVM-Don-t-spin-on-virt-instruction-faults-dur.patch [bz#661397] - Related: bz#661397 (reboot(RB_AUTOBOOT) fails if kvm instance is running) - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems-additional-f.patch [bz#656984] - Resolves: bz#656984 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-164.el5_5.29] - kvm-kernel-KVM-Don-t-spin-on-virt-instruction-faults-during-reb.patch [bz#661397] - kvm-kernel-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#661397] - Resolves: bz#661397 (reboot(RB_AUTOBOOT) fails if kvm instance is running) [kvm-83-164.el5_5.28] - kvm-implement-dummy-PnP-support.patch [bz#659850] - kvm-load-registers-after-restoring-pvclock-msrs.patch [bz#660239] - Resolves: bz#659850 (If VM boot seq. is set up as nc (PXE then disk) the VM is always stuck on trying to PXE boot) - Resolves: bz#660239 (clock drift when migrating a guest between mis-matched CPU clock speed) [kvm-83-164.el5_5.27] - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems.patch [bz#656984] - Resolves: bz#656984 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-164.el5_5.26] - Updated kversion to 2.6.18-194.26.1.el5 to match build root - kvm-kernel-KVM-x86-fix-information-leak-to-userland.patch [bz#649832] - Resolves: bz#649832 (CVE-2010-3881 kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory [5.5.z]) - CVE: CVE-2010-3881
Family: unix Class: patch
Reference(s): ELSA-2010-0998
CVE-2010-3881
Version: 4
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20348
 
Oval ID: oval:org.mitre.oval:def:20348
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4346
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13270
 
Oval ID: oval:org.mitre.oval:def:13270
Title: USN-1105-1 -- linux vulnerabilities
Description: Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. A local attacker could exploit this flaw to gain root privileges. Nelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. If a local attacker were able to trigger certain kinds of kernel bugs, they could create a specially crafted process to gain root privileges. Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks
Family: unix Class: patch
Reference(s): USN-1105-1
CVE-2010-4075
CVE-2010-4158
CVE-2010-4162
CVE-2010-4163
CVE-2010-4668
CVE-2010-4164
CVE-2010-4242
CVE-2010-4258
CVE-2010-4346
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20234
 
Oval ID: oval:org.mitre.oval:def:20234
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1746
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15138
 
Oval ID: oval:org.mitre.oval:def:15138
Title: USN-1187-1 -- Linux kernel (Maverick backport) vulnerabilities
Description: linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1187-1
CVE-2010-3698
CVE-2010-3865
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-3881
CVE-2010-4075
CVE-2010-4076
CVE-2010-4077
CVE-2010-4079
CVE-2010-4083
CVE-2010-4163
CVE-2010-4668
CVE-2010-4248
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4649
CVE-2011-1044
CVE-2010-4656
CVE-2011-0463
CVE-2011-0521
CVE-2011-0695
CVE-2011-0711
CVE-2011-0712
CVE-2011-0726
CVE-2011-1010
CVE-2011-1012
CVE-2011-1013
CVE-2011-1016
CVE-2011-1017
CVE-2011-1019
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1082
CVE-2011-1090
CVE-2011-1093
CVE-2011-1160
CVE-2011-1163
CVE-2011-1169
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-2534
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1478
CVE-2011-1494
CVE-2011-1495
CVE-2011-1577
CVE-2011-1593
CVE-2011-1598
CVE-2011-1748
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13906
 
Oval ID: oval:org.mitre.oval:def:13906
Title: USN-1183-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1183-1
CVE-2010-4076
CVE-2010-4077
CVE-2011-1090
CVE-2011-1163
CVE-2011-1577
CVE-2011-1598
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13824
 
Oval ID: oval:org.mitre.oval:def:13824
Title: USN-1170-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1170-1
CVE-2010-4076
CVE-2010-4077
CVE-2010-4247
CVE-2010-4526
CVE-2011-0726
CVE-2011-1163
CVE-2011-1577
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20437
 
Oval ID: oval:org.mitre.oval:def:20437
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0695
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20695
 
Oval ID: oval:org.mitre.oval:def:20695
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1078
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20577
 
Oval ID: oval:org.mitre.oval:def:20577
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1494
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20570
 
Oval ID: oval:org.mitre.oval:def:20570
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1494
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20528
 
Oval ID: oval:org.mitre.oval:def:20528
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4649
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21905
 
Oval ID: oval:org.mitre.oval:def:21905
Title: RHSA-2011:0421: kernel security and bug fix update (Important)
Description: The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.
Family: unix Class: patch
Reference(s): RHSA-2011:0421-01
CVE-2010-3296
CVE-2010-4346
CVE-2010-4526
CVE-2010-4648
CVE-2010-4655
CVE-2010-4656
CVE-2011-0521
CVE-2011-0695
CVE-2011-0710
CVE-2011-0716
CVE-2011-1478
Version: 146
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21105
 
Oval ID: oval:org.mitre.oval:def:21105
Title: RHSA-2011:0429: kernel security and bug fix update (Important)
Description: The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.
Family: unix Class: patch
Reference(s): RHSA-2011:0429-01
CESA-2011:0429
CVE-2010-4346
CVE-2011-0521
CVE-2011-0710
CVE-2011-1010
CVE-2011-1090
CVE-2011-1478
Version: 81
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19627
 
Oval ID: oval:org.mitre.oval:def:19627
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1478
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23108
 
Oval ID: oval:org.mitre.oval:def:23108
Title: ELSA-2011:0421: kernel security and bug fix update (Important)
Description: The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.
Family: unix Class: patch
Reference(s): ELSA-2011:0421-01
CVE-2010-3296
CVE-2010-4346
CVE-2010-4526
CVE-2010-4648
CVE-2010-4655
CVE-2010-4656
CVE-2011-0521
CVE-2011-0695
CVE-2011-0710
CVE-2011-0716
CVE-2011-1478
Version: 49
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23096
 
Oval ID: oval:org.mitre.oval:def:23096
Title: ELSA-2011:0429: kernel security and bug fix update (Important)
Description: The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame.
Family: unix Class: patch
Reference(s): ELSA-2011:0429-01
CVE-2010-4346
CVE-2011-0521
CVE-2011-0710
CVE-2011-1010
CVE-2011-1090
CVE-2011-1478
Version: 29
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28175
 
Oval ID: oval:org.mitre.oval:def:28175
Title: DEPRECATED: ELSA-2011-0429 -- kernel security and bug fix update (important)
Description: [2.6.18-238.9.1.0.1.el5] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)
Family: unix Class: patch
Reference(s): ELSA-2011-0429
CVE-2010-4346
CVE-2011-0521
CVE-2011-0710
CVE-2011-1010
CVE-2011-1090
CVE-2011-1478
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28005
 
Oval ID: oval:org.mitre.oval:def:28005
Title: ELSA-2011-2014 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important)
Description: [2.6.32-100.28.11.el6] - fs/partitions: Validate map_count in Mac partition tables {CVE-2011-1010} - nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3) {CVE-2011-1090} [2.6.32-100.28.10.el6] - Use cciss for some Smart Array controller for OL5 [orabug 11899706] - CVEs from RHSA-2011-0421 - install_special_mapping skips security_file_mmap check {CVE-2010-4346} - orinoco: fix TKIP countermeasure behaviour {CVE-2010-4648} - net: clear heap allocation for ethtool_get_regs() {CVE-2010-4655} - usb: iowarrior: don't trust report_size for buffer size {CVE-2010-4656} - [media] [v3,media] av7110: check for negative array offset {CVE-2011-0521} - RDMA/cma: Fix crash in request handlers {CVE-2011-0695} - IB/cm: Bump reference count on cm_id before invoking callback {CVE-2011-0695} - gro: reset skb_iif on reuse {CVE-2011-1478}
Family: unix Class: patch
Reference(s): ELSA-2011-2014
CVE-2010-4346
CVE-2010-4648
CVE-2010-4655
CVE-2010-4656
CVE-2011-0521
CVE-2011-0695
CVE-2011-1010
CVE-2011-1090
CVE-2011-1478
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27421
 
Oval ID: oval:org.mitre.oval:def:27421
Title: DEPRECATED: ELSA-2011-0421 -- kernel security and bug fix update (important)
Description: [2.6.32-71.24.1.el6] - [fs] Revert '[fs] inotify: stop kernel memory leak on file creation failure' (Eric Paris) [656831 656832] {CVE-2010-4250}
Family: unix Class: patch
Reference(s): ELSA-2011-0421
CVE-2010-3296
CVE-2010-4346
CVE-2010-4526
CVE-2010-4648
CVE-2010-4655
CVE-2010-4656
CVE-2011-0521
CVE-2011-0695
CVE-2011-0710
CVE-2011-0716
CVE-2011-1478
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20592
 
Oval ID: oval:org.mitre.oval:def:20592
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3877
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20379
 
Oval ID: oval:org.mitre.oval:def:20379
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3876
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22364
 
Oval ID: oval:org.mitre.oval:def:22364
Title: RHSA-2010:0898: kvm security update (Moderate)
Description: The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
Family: unix Class: patch
Reference(s): RHSA-2010:0898-01
CESA-2010:0898
CVE-2010-3698
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23193
 
Oval ID: oval:org.mitre.oval:def:23193
Title: ELSA-2010:0898: kvm security update (Moderate)
Description: The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
Family: unix Class: patch
Reference(s): ELSA-2010:0898-01
CVE-2010-3698
Version: 6
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28099
 
Oval ID: oval:org.mitre.oval:def:28099
Title: DEPRECATED: ELSA-2010-0898 -- kvm security update (moderate)
Description: [kvm-83-164.0.1.el5_5.25] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5_5.25] - Adding load_gs_index to kmod symbol greylist - Related: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z]) [kvm-83-164.el5_5.24] - Updated kversion to 2.6.18-194.17.1.el5 to match build root - kvm.spec: fix ./configure arguments (ensure spice, kvm-cap-pit and kvm-cap-device-assignment are always enabled) - kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639886] - Resolves: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z]) - CVE: CVE-2010-3698
Family: unix Class: patch
Reference(s): ELSA-2010-0898
CVE-2010-3698
Version: 4
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19711
 
Oval ID: oval:org.mitre.oval:def:19711
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0711
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20545
 
Oval ID: oval:org.mitre.oval:def:20545
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2022
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13013
 
Oval ID: oval:org.mitre.oval:def:13013
Title: DSA-2240-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory. CVE-2011-0695 Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service. CVE-2011-0711 Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory. CVE-2011-0726 Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization. CVE-2011-1016 Marek Olšák discovered an issue in the driver for ATI/AMD Radeon video chips. Local users could pass arbitrary values to video memory and the graphics translation table, resulting in denial of service or escalated privileges. On default Debian installations, this is exploitable only by members of the "video" group. CVE-2011-1078 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1079 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-1080 Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1090 Neil Horman discovered a memory leak in the setacl call on NFSv4 filesystems. Local users can explot this to cause a denial of service. CVE-2011-1160 Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory. CVE-2011-1163 Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition. CVE-2011-1170 Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1171 Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1172 Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1173 Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware. CVE-2011-1180 Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges. CVE-2011-1182 Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information. CVE-2011-1476 Dan Rosenberg reported issues in the Open Sound System MIDI interface that allow local users to cause a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1477 Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1478 Ryan Sweat reported an issue in the Generic Receive Offload support in the Linux networking subsystem. If an interface has GRO enabled and is running in promiscuous mode, remote users can cause a denial of service by sending packets on an unknown VLAN. CVE-2011-1493 Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP protocol. A remote user can cause a denial of service by providing specially crafted facilities fields. CVE-2011-1494 Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges by specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1495 Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges and ready arbitrary kernel memory by using specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1585 Jeff Layton reported an issue in the Common Internet File System. Local users can bypass authentication requirements for shares that are already mounted by another user. CVE-2011-1593 Robert Swiecki reported a signednes issue in the next_pidmap function, which can be exploited my local users to cause a denial of service. CVE-2011-1598 Dave Jones reported an issue in the Broadcast Manager Controller Area Network protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1745 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1746 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1748 Oliver Kartkopp reported an issue in the Controller Area Network raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759 Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call. CVE-2011-1767 Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialisation. CVE-2011-1770 Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol. Remote users can cause a denial of service or potentially obtain access to sensitive kernel memory. CVE-2011-1776 Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table. CVE-2011-2022 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group. This update also includes changes queued for the next point release of Debian 6.0, which also fix various non-security issues
Family: unix Class: patch
Reference(s): DSA-2240-1
CVE-2010-3875
CVE-2011-0695
CVE-2011-0711
CVE-2011-0726
CVE-2011-1016
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1090
CVE-2011-1160
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1476
CVE-2011-1477
CVE-2011-1478
CVE-2011-1493
CVE-2011-1494
CVE-2011-1495
CVE-2011-1585
CVE-2011-1593
CVE-2011-1598
CVE-2011-1745
CVE-2011-1746
CVE-2011-1748
CVE-2011-1759
CVE-2011-1767
CVE-2011-1770
CVE-2011-1776
CVE-2011-2022
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20640
 
Oval ID: oval:org.mitre.oval:def:20640
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1079
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20550
 
Oval ID: oval:org.mitre.oval:def:20550
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1044
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21680
 
Oval ID: oval:org.mitre.oval:def:21680
Title: RHSA-2011:0004: kernel security, bug fix, and enhancement update (Important)
Description: Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c.
Family: unix Class: patch
Reference(s): RHSA-2011:0004-01
CESA-2011:0004
CVE-2010-3432
CVE-2010-3442
CVE-2010-3699
CVE-2010-3858
CVE-2010-3859
CVE-2010-3865
CVE-2010-3876
CVE-2010-3880
CVE-2010-4083
CVE-2010-4157
CVE-2010-4161
CVE-2010-4242
CVE-2010-4247
CVE-2010-4248
Version: 185
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20281
 
Oval ID: oval:org.mitre.oval:def:20281
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4248
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13709
 
Oval ID: oval:org.mitre.oval:def:13709
Title: USN-1072-1 -- linux vulnerabilities
Description: Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that Xen did not correctly clean up threads. A local attacker in a guest system could exploit this to exhaust host system resources, leading to a denial of serivce. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. James Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service
Family: unix Class: patch
Reference(s): USN-1072-1
CVE-2010-0435
CVE-2010-2943
CVE-2010-3296
CVE-2010-3297
CVE-2010-3448
CVE-2010-3698
CVE-2010-3699
CVE-2010-3858
CVE-2010-3859
CVE-2010-3873
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-4072
CVE-2010-4074
CVE-2010-4078
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4083
CVE-2010-4157
CVE-2010-4160
CVE-2010-4248
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23232
 
Oval ID: oval:org.mitre.oval:def:23232
Title: ELSA-2011:0004: kernel security, bug fix, and enhancement update (Important)
Description: Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c.
Family: unix Class: patch
Reference(s): ELSA-2011:0004-01
CVE-2010-3432
CVE-2010-3442
CVE-2010-3699
CVE-2010-3858
CVE-2010-3859
CVE-2010-3865
CVE-2010-3876
CVE-2010-3880
CVE-2010-4083
CVE-2010-4157
CVE-2010-4161
CVE-2010-4242
CVE-2010-4247
CVE-2010-4248
Version: 61
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28117
 
Oval ID: oval:org.mitre.oval:def:28117
Title: DEPRECATED: ELSA-2011-0004 -- kernel security, bug fix, and enhancement update (important)
Description: [2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919] - fix filp_close() race (Joe Jin) [orabug 10335998]
Family: unix Class: patch
Reference(s): ELSA-2011-0004
CVE-2010-3432
CVE-2010-3442
CVE-2010-3699
CVE-2010-3858
CVE-2010-3859
CVE-2010-3865
CVE-2010-3876
CVE-2010-3880
CVE-2010-4083
CVE-2010-4157
CVE-2010-4161
CVE-2010-4242
CVE-2010-4247
CVE-2010-4248
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20530
 
Oval ID: oval:org.mitre.oval:def:20530
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1495
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20404
 
Oval ID: oval:org.mitre.oval:def:20404
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1495
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27793
 
Oval ID: oval:org.mitre.oval:def:27793
Title: ELSA-2011-2016 -- Unbreakable Enterprise kernel security fix update (important)
Description: A [2.6.32-100.28.17.el6] - [net] Extend prot->slab size when add sock extend fields. [2.6.32-100.28.16.el6] - kernel: Fix unlimited socket backlog DoS {CVE-2010-4251} - RDS: Fix congestion issues for loopback - rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023} - epoll: prevent creating circular epoll structures {CVE-2011-1082} - fs: fix corrupted OSF partition table parsing {CVE-2011-1163} - fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163} - netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170} - netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171} - ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172} - [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495}
Family: unix Class: patch
Reference(s): ELSA-2011-2016
CVE-2010-4251
CVE-2011-1023
CVE-2011-1082
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1494
CVE-2011-1495
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20263
 
Oval ID: oval:org.mitre.oval:def:20263
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1163
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20553
 
Oval ID: oval:org.mitre.oval:def:20553
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3880
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20697
 
Oval ID: oval:org.mitre.oval:def:20697
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1093
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13433
 
Oval ID: oval:org.mitre.oval:def:13433
Title: USN-1093-1 -- linux-mvl-dove vulnerabilities
Description: Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or exposde kernel memory, leading to a loss of privacy. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Tavis Ormandy discovered that the session keyring did not correctly check for its parent. On systems without a default session keyring, a local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. It was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Krishna Gudipati discovered that the bfa adapter driver did not correctly initialize certain structures. A local attacker could read files in /sys to crash the system, leading to a denial of service. Tavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. It was discovered that the ICMP stack did not correctly handle certain unreachable messages. If a remote attacker were able to acquire a socket lock, they could send specially crafted traffic that would crash the system, leading to a denial of service. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. Dan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges
Family: unix Class: patch
Reference(s): USN-1093-1
CVE-2010-3904
CVE-2010-3848
CVE-2010-3849
CVE-2010-3850
CVE-2010-2478
CVE-2010-3084
CVE-2010-2942
CVE-2010-3477
CVE-2010-2943
CVE-2010-2954
CVE-2010-2955
CVE-2010-2960
CVE-2010-2962
CVE-2010-2963
CVE-2010-3067
CVE-2010-3078
CVE-2010-3079
CVE-2010-3080
CVE-2010-3296
CVE-2010-3297
CVE-2010-3298
CVE-2010-3310
CVE-2010-3432
CVE-2010-3437
CVE-2010-3442
CVE-2010-3448
CVE-2010-3698
CVE-2010-3705
CVE-2010-3858
CVE-2010-3859
CVE-2010-3861
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-3881
CVE-2010-4072
CVE-2010-4073
CVE-2010-4075
CVE-2010-4079
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4158
CVE-2010-4160
CVE-2010-4162
CVE-2010-4163
CVE-2010-4668
CVE-2010-4164
CVE-2010-4165
CVE-2010-4169
CVE-2010-4175
CVE-2010-4242
CVE-2010-4248
CVE-2010-4249
CVE-2010-4258
CVE-2010-4343
CVE-2010-4346
CVE-2010-4526
CVE-2010-4527
CVE-2010-4648
CVE-2010-4649
CVE-2011-1044
CVE-2010-4650
CVE-2010-4655
CVE-2010-4656
CVE-2011-0006
CVE-2011-0521
CVE-2011-0712
CVE-2011-1010
CVE-2011-1012
CVE-2011-1082
CVE-2011-1093
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 10.04
Product(s): linux-mvl-dove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20410
 
Oval ID: oval:org.mitre.oval:def:20410
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1010
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19700
 
Oval ID: oval:org.mitre.oval:def:19700
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1593
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14116
 
Oval ID: oval:org.mitre.oval:def:14116
Title: USN-1146-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple flaws fixed in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1146-1
CVE-2010-4655
CVE-2010-4656
CVE-2011-0463
CVE-2011-0695
CVE-2011-0712
CVE-2011-1012
CVE-2011-1017
CVE-2011-1593
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20210
 
Oval ID: oval:org.mitre.oval:def:20210
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1170
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20444
 
Oval ID: oval:org.mitre.oval:def:20444
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1172
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13909
 
Oval ID: oval:org.mitre.oval:def:13909
Title: USN-1164-1 -- linux-fsl-imx51 vulnerabilities
Description: linux-fsl-imx51: Linux kernel for IMX51 Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1164-1
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4164
CVE-2010-4248
CVE-2010-4258
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4655
CVE-2010-4656
CVE-2011-0463
CVE-2011-0521
CVE-2011-0695
CVE-2011-0711
CVE-2011-0712
CVE-2011-1017
CVE-2011-1182
CVE-2011-1494
CVE-2011-1495
CVE-2011-1593
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
CVE-2011-1748
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20548
 
Oval ID: oval:org.mitre.oval:def:20548
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1171
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20650
 
Oval ID: oval:org.mitre.oval:def:20650
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0726
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20431
 
Oval ID: oval:org.mitre.oval:def:20431
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1745
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20325
 
Oval ID: oval:org.mitre.oval:def:20325
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1182
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20313
 
Oval ID: oval:org.mitre.oval:def:20313
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1090
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20567
 
Oval ID: oval:org.mitre.oval:def:20567
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1080
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20523
 
Oval ID: oval:org.mitre.oval:def:20523
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4075
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20573
 
Oval ID: oval:org.mitre.oval:def:20573
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1577
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1386
Os31

ExploitDB Exploits

idDescription
2011-03-14Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit

OpenVAS Exploits

DateDescription
2012-08-17Name : RedHat Update for kernel RHSA-2012:1156-01
File : nvt/gb_RHSA-2012_1156-01_kernel.nasl
2012-08-17Name : CentOS Update for kernel CESA-2012:1156 centos6
File : nvt/gb_CESA-2012_1156_kernel_centos6.nasl
2012-08-02Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel)
File : nvt/gb_suse_2012_0206_1.nasl
2012-08-02Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel)
File : nvt/gb_suse_2012_0236_1.nasl
2012-07-30Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64
File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64
File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl
2012-07-30Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64
File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64
File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64
File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl
2012-07-09Name : RedHat Update for kernel RHSA-2011:1189-01
File : nvt/gb_RHSA-2011_1189-01_kernel.nasl
2012-07-09Name : RedHat Update for kernel RHSA-2011:1350-01
File : nvt/gb_RHSA-2011_1350-01_kernel.nasl
2012-07-09Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2012-06-06Name : RedHat Update for kernel RHSA-2011:0421-01
File : nvt/gb_RHSA-2011_0421-01_kernel.nasl
2012-06-06Name : RedHat Update for kernel RHSA-2011:0498-01
File : nvt/gb_RHSA-2011_0498-01_kernel.nasl
2012-06-06Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01
File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl
2012-06-06Name : RedHat Update for kernel RHSA-2011:0836-01
File : nvt/gb_RHSA-2011_0836-01_kernel.nasl
2012-06-05Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-03-16Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2011-12-02Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-11Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-08Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-21Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-21Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-10Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-09-30Name : Ubuntu Update for linux-ec2 USN-1216-1
File : nvt/gb_ubuntu_USN_1216_1.nasl
2011-09-30Name : Ubuntu Update for linux USN-1218-1
File : nvt/gb_ubuntu_USN_1218_1.nasl
2011-09-23Name : Ubuntu Update for linux-ti-omap4 USN-1212-1
File : nvt/gb_ubuntu_USN_1212_1.nasl
2011-09-16Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-09-16Name : Ubuntu Update for linux-mvl-dove USN-1203-1
File : nvt/gb_ubuntu_USN_1203_1.nasl
2011-09-16Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1
File : nvt/gb_ubuntu_USN_1204_1.nasl
2011-09-16Name : Ubuntu Update for linux-mvl-dove USN-1208-1
File : nvt/gb_ubuntu_USN_1208_1.nasl
2011-08-27Name : Fedora Update for kernel FEDORA-2011-11103
File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl
2011-08-24Name : Ubuntu Update for linux USN-1189-1
File : nvt/gb_ubuntu_USN_1189_1.nasl
2011-08-24Name : Ubuntu Update for linux USN-1193-1
File : nvt/gb_ubuntu_USN_1193_1.nasl
2011-08-12Name : Ubuntu Update for linux USN-1183-1
File : nvt/gb_ubuntu_USN_1183_1.nasl
2011-08-12Name : Ubuntu Update for linux USN-1186-1
File : nvt/gb_ubuntu_USN_1186_1.nasl
2011-08-12Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-09Name : CentOS Update for kernel CESA-2011:0004 centos5 i386
File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl
2011-08-09Name : CentOS Update for kernel CESA-2011:0429 centos5 i386
File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl
2011-08-09Name : CentOS Update for kernel CESA-2011:0833 centos5 i386
File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl
2011-08-09Name : CentOS Update for kernel CESA-2011:0927 centos5 i386
File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl
2011-08-09Name : CentOS Update for kvm-83-164.el5_ CESA-2010:0898 centos5 i386
File : nvt/gb_CESA-2010_0898_kvm-83-164.el5__centos5_i386.nasl
2011-08-03Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-18Name : Ubuntu Update for linux-mvl-dove USN-1159-1
File : nvt/gb_ubuntu_USN_1159_1.nasl
2011-07-18Name : Ubuntu Update for linux-ec2 USN-1161-1
File : nvt/gb_ubuntu_USN_1161_1.nasl
2011-07-18Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-07-18Name : Ubuntu Update for linux USN-1168-1
File : nvt/gb_ubuntu_USN_1168_1.nasl
2011-07-18Name : Ubuntu Update for linux USN-1170-1
File : nvt/gb_ubuntu_USN_1170_1.nasl
2011-07-18Name : RedHat Update for kernel RHSA-2011:0927-01
File : nvt/gb_RHSA-2011_0927-01_kernel.nasl
2011-07-12Name : Fedora Update for kernel FEDORA-2011-7823
File : nvt/gb_fedora_2011_7823_kernel_fc15.nasl
2011-07-08Name : Ubuntu Update for linux USN-1160-1
File : nvt/gb_ubuntu_USN_1160_1.nasl
2011-07-08Name : Ubuntu Update for linux-mvl-dove USN-1162-1
File : nvt/gb_ubuntu_USN_1162_1.nasl
2011-07-08Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1
File : nvt/gb_ubuntu_USN_1164_1.nasl
2011-06-24Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-06-20Name : Fedora Update for kernel FEDORA-2011-7551
File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl
2011-06-10Name : Ubuntu Update for linux USN-1146-1
File : nvt/gb_ubuntu_USN_1146_1.nasl
2011-06-06Name : Ubuntu Update for linux USN-1141-1
File : nvt/gb_ubuntu_USN_1141_1.nasl
2011-06-06Name : RedHat Update for kernel RHSA-2011:0833-01
File : nvt/gb_RHSA-2011_0833-01_kernel.nasl
2011-06-03Name : Ubuntu Update for linux USN-1133-1
File : nvt/gb_ubuntu_USN_1133_1.nasl
2011-05-17Name : Fedora Update for kernel FEDORA-2011-6541
File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl
2011-05-10Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1
File : nvt/gb_ubuntu_USN_1111_1.nasl
2011-05-10Name : Ubuntu Update for linux-ti-omap4 USN-1119-1
File : nvt/gb_ubuntu_USN_1119_1.nasl
2011-05-06Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl
2011-04-19Name : RedHat Update for kernel RHSA-2011:0429-01
File : nvt/gb_RHSA-2011_0429-01_kernel.nasl
2011-04-11Name : Ubuntu Update for linux vulnerabilities USN-1105-1
File : nvt/gb_ubuntu_USN_1105_1.nasl
2011-04-01Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1
File : nvt/gb_ubuntu_USN_1092_1.nasl
2011-03-24Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1
File : nvt/gb_ubuntu_USN_1089_1.nasl
2011-03-24Name : Ubuntu Update for linux vulnerabilities USN-1090-1
File : nvt/gb_ubuntu_USN_1090_1.nasl
2011-03-15Name : Fedora Update for kernel FEDORA-2011-2134
File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl
2011-03-15Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1
File : nvt/gb_ubuntu_USN_1086_1.nasl
2011-03-07Name : Ubuntu Update for linux vulnerabilities USN-1080-1
File : nvt/gb_ubuntu_USN_1080_1.nasl
2011-03-07Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2
File : nvt/gb_ubuntu_USN_1080_2.nasl
2011-03-07Name : Ubuntu Update for linux vulnerabilities USN-1081-1
File : nvt/gb_ubuntu_USN_1081_1.nasl
2011-03-07Name : Debian Security Advisory DSA 2153-1 (linux-2.6)
File : nvt/deb_2153_1.nasl
2011-02-28Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1
File : nvt/gb_ubuntu_USN_1071_1.nasl
2011-02-28Name : Ubuntu Update for linux vulnerabilities USN-1072-1
File : nvt/gb_ubuntu_USN_1072_1.nasl
2011-02-28Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1
File : nvt/gb_ubuntu_USN_1073_1.nasl
2011-02-18Name : Mandriva Update for kernel MDVSA-2011:029 (kernel)
File : nvt/gb_mandriva_MDVSA_2011_029.nasl
2011-02-18Name : RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01
File : nvt/gb_RHSA-2011_0263-01_Red_Hat_Enterprise_Linux_4.9_kernel.nasl
2011-02-16Name : SuSE Update for kernel SUSE-SA:2011:008
File : nvt/gb_suse_2011_008.nasl
2011-02-11Name : Fedora Update for kernel FEDORA-2011-1138
File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl
2011-01-31Name : CentOS Update for kernel CESA-2011:0162 centos4 i386
File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl
2011-01-24Name : Debian Security Advisory DSA 2126-1 (linux-2.6)
File : nvt/deb_2126_1.nasl
2011-01-21Name : RedHat Update for kernel RHSA-2011:0162-01
File : nvt/gb_RHSA-2011_0162-01_kernel.nasl
2011-01-14Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01
File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl
2011-01-11Name : RedHat Update for kernel RHSA-2011:0004-01
File : nvt/gb_RHSA-2011_0004-01_kernel.nasl
2011-01-11Name : SuSE Update for kernel SUSE-SA:2011:001
File : nvt/gb_suse_2011_001.nasl
2011-01-11Name : SuSE Update for kernel SUSE-SA:2011:002
File : nvt/gb_suse_2011_002.nasl
2010-12-28Name : Fedora Update for kernel FEDORA-2010-18983
File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl
2010-12-23Name : Fedora Update for kernel FEDORA-2010-18506
File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl
2010-12-09Name : Fedora Update for kernel FEDORA-2010-18432
File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl
2010-12-09Name : Fedora Update for kernel FEDORA-2010-18493
File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl
2010-12-02Name : Fedora Update for kernel FEDORA-2010-16826
File : nvt/gb_fedora_2010_16826_kernel_fc14.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
74650Linux Kernel sco_sock_getsockopt() Function Local Memory Disclosure
74643Linux Kernel dev_load() Function CAP_NET_ADMIN Capability Arbitrary Module Lo...
74642Linux Kernel do_replace() Function CAP_NET_ADMIN Capability Local Information...
74640Linux Kernel TPM Devices Arbitrary Kernel Memory Disclosure
74639Linux Kernel IrDA Module Peer name / attribute Handling Local Memory Corruption
73882Linux Kernel DCCP net/dccp/input.c dccp_rcv_state_process Function CLOSED End...
73872Linux Kernel fs/proc/array.c do_task_stat Function Local ASLR Protection Mech...
73298Linux Kernel on x86_64 net/econet/af_econet.c econet_sendmsg Function AUN Pac...
73297Linux Kernel IPv6 net/ipv6/netfilter/ip6_tables.c CAP_NET_ADMIN Missing Null ...
73296Linux Kernel IPv4 net/ipv4/netfilter/ip_tables.c CAP_NET_ADMIN Missing Null C...
73295Linux Kernel IPv4 net/ipv4/netfilter/arp_tables.c CAP_NET_ADMIN Missing Null ...
73293Linux Kernel net/ipv4/netfilter/ipt_CLUSTERIP.c clusterip_proc_write Function...
73291OpenBSD Kernel DRM Subsystem sys/dev/pci/drm/drm_irq.c drm_modeset_ctl Functi...
73290Linux Kernel DRM Subsystem drivers/gpu/drm/drm_irq.c drm_modeset_ctl Function...
73156Linux Kernel AudioScience HPI Driver sound/pci/asihpi/hpioctl.c asihpi_hpi_io...
73053Linux Kernel fs/eventpoll.c epoll Data Structure File Descriptor Local DoS
73049Linux Kernel fs/partitions/efi.c is_gpt_valid Function EFI GUID Partition Tab...
73048Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c Multiple Function Memory Copy...
73047Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c _ctl_do_mpt_command Function ...
73046Linux Kernel fs/partitions/osf.c osf_partition Function Partition Table Parsi...
73045Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG...
73043Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo...
73042Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG...
73041Linux Kernel fs/nfs/nfs4proc.c __nfs4_proc_set_acl Function kmalloc NFSv4 ACL...
73040Linux Kernel net/can/raw.c raw_release Function Release Operation NULL Derefe...
73039Linux Kernel caiaq Native Instruments USB Audio sound/usb/caiaq/midi.c snd_us...
73038Linux Kernel caiaq Native Instruments USB Audio sound/usb/caiaq/audio.c snd_u...
73037Linux Kernel fs/partitions/ldm.c ldm_parse_vmdb Function LDM Partition Table ...
72996Linux Kernel fs/partitions/mac.c mac_partition Function Mac OS Partition Tabl...
72995Linux Kernel Radeon GPU Drivers AA Resolve Register Data Validation Local Mem...
72993Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ...
71992Linux Kernel kernel/pid.c next_pidmap() Function Local DoS
71884Linux Kernel net/can/bcm.c bcm_release() Function NULL Dereference Local DoS
71662Linux Kernel OCFS2 File System Sparse Writes Arbitrary Memory Disclosure
71656Linux Kernel net/bluetooth/bnep/sock.c bnep_sock_ioctl() System Information L...
71653Linux Kernel rt_*sigqueueinfo() Functions SI_TKILL Signal Spoofing
71649Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function ...
71604Linux Kernel Generic Receive Offload (GRO) Functionality Malformed VLAN Frame...
71602Linux Kernel IO-Warrior USB Device iowarrior_write() Function Local Privilege...
71480Linux Kernel cm_work_handler() Function InfiniBand Request Handling DoS
71359Linux Kernel fs/partitions/ldm.c ldm_frag_add() LDM Partition Table Overflow
70950Linux Kernel fs/xfs/xfs_fsops.c xfs_fs_geometry() Local Memory Disclosure
70665Linux Kernel drivers/media/dvb/ttpci/av7110_ca.c dvb_ca_ioctl() Function Craf...
70375Linux Kernel net/rds/rdma.c rds_rdma_pages Function RDS Request iovec Struct ...
70290Linux Kernel net/tipc/socket.c get_name Function Local Stack Memory Disclosure
70269Linux Kernel net/econet/af_econet.c aun_incoming Function UDP AUN Packet Remo...
70240Linux Kernel sound/oss/soundcard.c load_mixer_volumes() Function SOUND_MIXER_...
70239Linux Kernel sound/oss/soundcard.c load_mixer_volumes() Function SOUND_MIXER_...
70229Linux Kernel Controller Area Network net/can/bcm.c bcm_connect Function Kerne...
70166Linux Kernel net/irda/af_irda.c irda_getsockopt() Integer Underflow Kernel Me...
69788Linux Kernel net/ipv4/inet_diag.c Netlink Message Crafted INET_DIAG_REQ_BYTEC...
69701Linux Kernel mm/mmap.c install_special_mapping() Function mmap_min_addr Local...
69578Linux Kernel kernel/exit.c the __exit_signal Function Thread Group Leader Rac...
69577Linux Kernel ipc/sem.c copy_semid_to_user Function semctl Call Local Memory D...
69526Linux Kernel drivers/media/video/ivtv/ivtvfb.c ivtvfb_ioctl Function FBIOGET_...
69524Linux Kernel drivers/char/nozomi.c ntty_ioctl_tiocgicount Function TIOCGICOUN...
69523Linux Kernel drivers/char/amiserial.c rs_ioctl Function TIOCGICOUNT IOCTL Cal...
69522Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT...
69453Linux Kernel block/blk-map.c blk_rq_map_user_iov() Function Zero-length I/O R...
69162Linux Kernel net/packet/af_packet.c Multiple Function Stack Memory Disclosure
69161Linux Kernel net/ax25/af_ax25.c ax25_getname() Function Stack Memory Disclosure
69003Linux Kernel KVM Memory arch/x86/kvm/x86.c Multiple Function Memory Content D...
68872Linux Kernel i915 KVM Host Register Loading KVM_RUN IOCTL Local DoS

Information Assurance Vulnerability Management (IAVM)

DateDescription
2012-02-02IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252
2011-10-27IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545

Nessus® Vulnerability Scanner

DateDescription
2016-03-04Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1391-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1708-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2014-11-26Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO
2014-11-17Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO
2014-11-17Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO
2014-07-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1189.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0898.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2016.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2019.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0998.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-2011.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0263.nasl - Type : ACT_GATHER_INFO
2013-06-29Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-03-08Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0883.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0898.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0998.nasl - Type : ACT_GATHER_INFO
2012-12-28Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ofed-8386.nasl - Type : ACT_GATHER_INFO
2012-10-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8324.nasl - Type : ACT_GATHER_INFO
2012-10-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-8325.nasl - Type : ACT_GATHER_INFO
2012-08-16Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2012-08-16Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120814_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-15Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110823_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101110_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101206_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101220_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110216_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO
2012-05-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO
2012-04-23Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12677.nasl - Type : ACT_GATHER_INFO
2012-01-31Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2012-01-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO
2011-12-14Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110823.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110824.nasl - Type : ACT_GATHER_INFO
2011-11-29Name : The remote Fedora host is missing a security update.
File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO
2011-11-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2011-11-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO
2011-10-31Name : The remote Fedora host is missing a security update.
File : fedora_2011-14747.nasl - Type : ACT_GATHER_INFO
2011-10-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO
2011-10-21Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-14Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-10-06Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2011-09-30Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO
2011-09-27Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO
2011-09-26Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO
2011-09-22Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO
2011-09-15Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-08-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1189.nasl - Type : ACT_GATHER_INFO
2011-08-23Name : The remote Fedora host is missing a security update.
File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO
2011-08-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1189-1.nasl - Type : ACT_GATHER_INFO
2011-08-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO
2011-08-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO
2011-08-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-08-04Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO
2011-07-26Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO
2011-07-19Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-18Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO
2011-07-18Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO
2011-07-15Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-14Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO
2011-07-14Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO
2011-07-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-07-07Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO
2011-07-06Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO
2011-06-30Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO
2011-06-29Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-22Name : The remote Fedora host is missing a security update.
File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO
2011-06-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO
2011-06-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO
2011-06-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO
2011-06-07Name : The remote Fedora host is missing a security update.
File : fedora_2011-7823.nasl - Type : ACT_GATHER_INFO
2011-06-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2011-06-01Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2011-05-20Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO
2011-05-11Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2011-05-10Name : The remote Fedora host is missing a security update.
File : fedora_2011-6541.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO
2011-04-28Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO
2011-04-28Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO
2011-04-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2011-04-13Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO
2011-04-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO
2011-04-06Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO
2011-03-27Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO
2011-03-25Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO
2011-03-21Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO
2011-03-21Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO
2011-03-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO
2011-03-09Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO
2011-03-08Name : The remote Fedora host is missing a security update.
File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO
2011-03-03Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO
2011-03-01Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO
2011-03-01Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO
2011-03-01Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO
2011-02-17Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0263.nasl - Type : ACT_GATHER_INFO
2011-02-11Name : The remote Fedora host is missing a security update.
File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO
2011-02-11Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12672.nasl - Type : ACT_GATHER_INFO
2011-02-02Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO
2011-01-31Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO
2011-01-28Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-21Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-101102.nasl - Type : ACT_GATHER_INFO
2011-01-21Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO
2011-01-21Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-ec2-101103.nasl - Type : ACT_GATHER_INFO
2011-01-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO
2011-01-14Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO
2011-01-12Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2011-01-11Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO
2011-01-07Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO
2011-01-05Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO
2010-12-26Name : The remote Fedora host is missing a security update.
File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO
2010-12-14Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO
2010-12-14Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0898.nasl - Type : ACT_GATHER_INFO
2010-12-08Name : The remote Fedora host is missing a security update.
File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO
2010-12-06Name : The remote Fedora host is missing a security update.
File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO
2010-12-02Name : The remote Fedora host is missing a security update.
File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO
2010-11-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO
2010-11-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0842.nasl - Type : ACT_GATHER_INFO
2010-10-29Name : The remote Fedora host is missing a security update.
File : fedora_2010-16826.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 11:58:52
  • Multiple Updates
2013-06-08 17:22:56
  • Multiple Updates
2013-03-01 17:20:44
  • Multiple Updates