Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel (OMAP4) vulnerabilities
Informations
Name USN-1212-1 First vendor Publication 2011-09-21
Vendor Ubuntu Last vendor Modification 2011-09-21
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04

Summary:

Multiple kernel flaws have been fixed.

Software Description: - linux-ti-omap4: Linux kernel for OMAP4

Details:

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. (CVE-2011-0463)

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. (CVE-2011-1017)

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. (CVE-2011-1020)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1078)

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1079)

Vasiliy Kulikov discovered that bridge network filtering did not check that name fields were NULL terminated. A local attacker could exploit this to leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1080)

Peter Huewe discovered that the TPM device did not correctly initialize memory. A local attacker could exploit this to read kernel heap memory contents, leading to a loss of privacy. (CVE-2011-1160)

Vasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)

Vasiliy Kulikov discovered that the Acorn Universal Networking driver did not correctly initialize memory. A remote attacker could send specially crafted traffic to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1173)

Dan Rosenberg discovered that the IRDA subsystem did not correctly check certain field sizes. If a system was using IRDA, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-1180)

Julien Tinnes discovered that the kernel did not correctly validate the signal structure from tkill(). A local attacker could exploit this to send signals to arbitrary threads, possibly bypassing expected restrictions. (CVE-2011-1182)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. (CVE-2011-1493)

Dan Rosenberg discovered that MPT devices did not correctly validate certain values in ioctl calls. If these drivers were loaded, a local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2011-1494, CVE-2011-1495)

Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1577)

Phil Oester discovered that the network bonding system did not correctly handle large queues. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1581)

Tavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1593)

Oliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1598, CVE-2011-1748)

Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl values. A local attacker with access to the video subsystem could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-1745, CVE-2011-2022)

Vasiliy Kulikov discovered that the AGP driver did not check the size of certain memory allocations. A local attacker with access to the video subsystem could exploit this to run the system out of memory, leading to a denial of service. (CVE-2011-1746)

Dan Rosenberg discovered that the DCCP stack did not correctly handle certain packet structures. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1770)

Ben Greear discovered that CIFS did not correctly handle direct I/O. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service. (CVE-2011-1771)

Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. (CVE-2011-1833)

Vasiliy Kulikov discovered that taskstats listeners were not correctly handled. A local attacker could expoit this to exhaust memory and CPU resources, leading to a denial of service. (CVE-2011-2484)

It was discovered that Bluetooth l2cap and rfcomm did not correctly initialize structures. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)

Sami Liedes discovered that ext4 did not correctly handle missing root inodes. A local attacker could trigger the mount of a specially crafted filesystem to cause the system to crash, leading to a denial of service. (CVE-2011-2493)

It was discovered that GFS2 did not correctly check block sizes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2689)

Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. (CVE-2011-2699)

The performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2918)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.04:
linux-image-2.6.38-1209-omap4 2.6.38-1209.15

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1212-1
CVE-2011-0463, CVE-2011-1017, CVE-2011-1020, CVE-2011-1078,
CVE-2011-1079, CVE-2011-1080, CVE-2011-1160, CVE-2011-1170,
CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1180,
CVE-2011-1182, CVE-2011-1493, CVE-2011-1494, CVE-2011-1495,
CVE-2011-1577, CVE-2011-1581, CVE-2011-1593, CVE-2011-1598,
CVE-2011-1745, CVE-2011-1746, CVE-2011-1748, CVE-2011-1770,
CVE-2011-1771, CVE-2011-1833, CVE-2011-2022, CVE-2011-2484,
CVE-2011-2492, CVE-2011-2493, CVE-2011-2534, CVE-2011-2689,
CVE-2011-2699, CVE-2011-2918

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.38-1209.15

Original Source

Url : http://www.ubuntu.com/usn/USN-1212-1

CWE : Common Weakness Enumeration

% Id Name
26 % CWE-200 Information Exposure
19 % CWE-20 Improper Input Validation
10 % CWE-476 NULL Pointer Dereference
6 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
6 % CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
6 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
6 % CWE-189 Numeric Errors (CWE/SANS Top 25)
3 % CWE-399 Resource Management Errors
3 % CWE-362 Race Condition
3 % CWE-264 Permissions, Privileges, and Access Controls
3 % CWE-191 Integer Underflow (Wrap or Wraparound)
3 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
3 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13013
 
Oval ID: oval:org.mitre.oval:def:13013
Title: DSA-2240-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory. CVE-2011-0695 Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service. CVE-2011-0711 Dan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory. CVE-2011-0726 Kees Cook reported an issue in the /proc/pid/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization. CVE-2011-1016 Marek Olšák discovered an issue in the driver for ATI/AMD Radeon video chips. Local users could pass arbitrary values to video memory and the graphics translation table, resulting in denial of service or escalated privileges. On default Debian installations, this is exploitable only by members of the "video" group. CVE-2011-1078 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1079 Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service. CVE-2011-1080 Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory. CVE-2011-1090 Neil Horman discovered a memory leak in the setacl call on NFSv4 filesystems. Local users can explot this to cause a denial of service. CVE-2011-1160 Peter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory. CVE-2011-1163 Timo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition. CVE-2011-1170 Vasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1171 Vasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1172 Vasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory. CVE-2011-1173 Vasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware. CVE-2011-1180 Dan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges. CVE-2011-1182 Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information. CVE-2011-1476 Dan Rosenberg reported issues in the Open Sound System MIDI interface that allow local users to cause a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1477 Dan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.32 may have enabled this configuration and would therefore be vulnerable. CVE-2011-1478 Ryan Sweat reported an issue in the Generic Receive Offload support in the Linux networking subsystem. If an interface has GRO enabled and is running in promiscuous mode, remote users can cause a denial of service by sending packets on an unknown VLAN. CVE-2011-1493 Dan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP protocol. A remote user can cause a denial of service by providing specially crafted facilities fields. CVE-2011-1494 Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges by specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1495 Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain elevated privileges and ready arbitrary kernel memory by using specially crafted ioctl calls. On default Debian installations this is not exploitable as this interface is only accessible to root. CVE-2011-1585 Jeff Layton reported an issue in the Common Internet File System. Local users can bypass authentication requirements for shares that are already mounted by another user. CVE-2011-1593 Robert Swiecki reported a signednes issue in the next_pidmap function, which can be exploited my local users to cause a denial of service. CVE-2011-1598 Dave Jones reported an issue in the Broadcast Manager Controller Area Network protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1745 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1746 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group. CVE-2011-1748 Oliver Kartkopp reported an issue in the Controller Area Network raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service. CVE-2011-1759 Dan Rosenberg reported an issue in the support for executing "old ABI" binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call. CVE-2011-1767 Alexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialisation. CVE-2011-1770 Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol. Remote users can cause a denial of service or potentially obtain access to sensitive kernel memory. CVE-2011-1776 Timo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table. CVE-2011-2022 Vasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group. This update also includes changes queued for the next point release of Debian 6.0, which also fix various non-security issues
Family: unix Class: patch
Reference(s): DSA-2240-1
CVE-2010-3875
CVE-2011-0695
CVE-2011-0711
CVE-2011-0726
CVE-2011-1016
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1090
CVE-2011-1160
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1476
CVE-2011-1477
CVE-2011-1478
CVE-2011-1493
CVE-2011-1494
CVE-2011-1495
CVE-2011-1585
CVE-2011-1593
CVE-2011-1598
CVE-2011-1745
CVE-2011-1746
CVE-2011-1748
CVE-2011-1759
CVE-2011-1767
CVE-2011-1770
CVE-2011-1776
CVE-2011-2022
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13699
 
Oval ID: oval:org.mitre.oval:def:13699
Title: USN-1111-1 -- linux-source-2.6.15 vulnerabilities
Description: linux-source-2.6.15: Linux kernel Multiple flaws fixed in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1111-1
CVE-2010-4164
CVE-2010-4249
CVE-2010-4258
CVE-2010-4342
CVE-2010-4527
CVE-2010-4529
CVE-2011-0521
CVE-2011-0695
CVE-2011-1017
Version: 5
Platform(s): Ubuntu 6.06
Product(s): linux-source-2.6.15
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13824
 
Oval ID: oval:org.mitre.oval:def:13824
Title: USN-1170-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1170-1
CVE-2010-4076
CVE-2010-4077
CVE-2010-4247
CVE-2010-4526
CVE-2011-0726
CVE-2011-1163
CVE-2011-1577
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13906
 
Oval ID: oval:org.mitre.oval:def:13906
Title: USN-1183-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1183-1
CVE-2010-4076
CVE-2010-4077
CVE-2011-1090
CVE-2011-1163
CVE-2011-1577
CVE-2011-1598
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 10.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13909
 
Oval ID: oval:org.mitre.oval:def:13909
Title: USN-1164-1 -- linux-fsl-imx51 vulnerabilities
Description: linux-fsl-imx51: Linux kernel for IMX51 Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1164-1
CVE-2010-3865
CVE-2010-3873
CVE-2010-3874
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-4080
CVE-2010-4081
CVE-2010-4082
CVE-2010-4083
CVE-2010-4157
CVE-2010-4164
CVE-2010-4248
CVE-2010-4258
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4655
CVE-2010-4656
CVE-2011-0463
CVE-2011-0521
CVE-2011-0695
CVE-2011-0711
CVE-2011-0712
CVE-2011-1017
CVE-2011-1182
CVE-2011-1494
CVE-2011-1495
CVE-2011-1593
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
CVE-2011-1748
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-fsl-imx51
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14116
 
Oval ID: oval:org.mitre.oval:def:14116
Title: USN-1146-1 -- linux vulnerabilities
Description: linux: Linux kernel Multiple flaws fixed in the Linux kernel.
Family: unix Class: patch
Reference(s): USN-1146-1
CVE-2010-4655
CVE-2010-4656
CVE-2011-0463
CVE-2011-0695
CVE-2011-0712
CVE-2011-1012
CVE-2011-1017
CVE-2011-1593
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14810
 
Oval ID: oval:org.mitre.oval:def:14810
Title: USN-1186-1 -- Linux kernel vulnerabilities
Description: linux: Linux kernel Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1186-1
CVE-2010-4073
CVE-2010-4165
CVE-2010-4238
CVE-2010-4249
CVE-2010-4649
CVE-2011-1044
CVE-2011-0711
CVE-2011-1010
CVE-2011-1090
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-2534
CVE-2011-1173
CVE-2011-2484
Version: 5
Platform(s): Ubuntu 8.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15138
 
Oval ID: oval:org.mitre.oval:def:15138
Title: USN-1187-1 -- Linux kernel (Maverick backport) vulnerabilities
Description: linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1187-1
CVE-2010-3698
CVE-2010-3865
CVE-2010-3875
CVE-2010-3876
CVE-2010-3877
CVE-2010-3880
CVE-2010-3881
CVE-2010-4075
CVE-2010-4076
CVE-2010-4077
CVE-2010-4079
CVE-2010-4083
CVE-2010-4163
CVE-2010-4668
CVE-2010-4248
CVE-2010-4342
CVE-2010-4346
CVE-2010-4527
CVE-2010-4529
CVE-2010-4565
CVE-2010-4649
CVE-2011-1044
CVE-2010-4656
CVE-2011-0463
CVE-2011-0521
CVE-2011-0695
CVE-2011-0711
CVE-2011-0712
CVE-2011-0726
CVE-2011-1010
CVE-2011-1012
CVE-2011-1013
CVE-2011-1016
CVE-2011-1017
CVE-2011-1019
CVE-2011-1078
CVE-2011-1079
CVE-2011-1080
CVE-2011-1082
CVE-2011-1090
CVE-2011-1093
CVE-2011-1160
CVE-2011-1163
CVE-2011-1169
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-2534
CVE-2011-1173
CVE-2011-1180
CVE-2011-1182
CVE-2011-1478
CVE-2011-1494
CVE-2011-1495
CVE-2011-1577
CVE-2011-1593
CVE-2011-1598
CVE-2011-1748
CVE-2011-1745
CVE-2011-2022
CVE-2011-1746
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15448
 
Oval ID: oval:org.mitre.oval:def:15448
Title: USN-1205-1 -- Linux kernel (Maverick backport) vulnerabilities
Description: linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1205-1
CVE-2011-1020
CVE-2011-1493
CVE-2011-1770
CVE-2011-2484
CVE-2011-2492
Version: 5
Platform(s): Ubuntu 10.04
Product(s): Linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19309
 
Oval ID: oval:org.mitre.oval:def:19309
Title: CRITICAL PATCH UPDATE JULY 2012
Description: The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2699
Version: 3
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19700
 
Oval ID: oval:org.mitre.oval:def:19700
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1593
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19779
 
Oval ID: oval:org.mitre.oval:def:19779
Title: VMware vSphere and vCOps updates to third party libraries
Description: The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2484
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20192
 
Oval ID: oval:org.mitre.oval:def:20192
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2689
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20210
 
Oval ID: oval:org.mitre.oval:def:20210
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1170
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20234
 
Oval ID: oval:org.mitre.oval:def:20234
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1746
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20325
 
Oval ID: oval:org.mitre.oval:def:20325
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1182
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20404
 
Oval ID: oval:org.mitre.oval:def:20404
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1495
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20425
 
Oval ID: oval:org.mitre.oval:def:20425
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2492
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20431
 
Oval ID: oval:org.mitre.oval:def:20431
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1745
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20444
 
Oval ID: oval:org.mitre.oval:def:20444
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1172
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20530
 
Oval ID: oval:org.mitre.oval:def:20530
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1495
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20545
 
Oval ID: oval:org.mitre.oval:def:20545
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2022
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20548
 
Oval ID: oval:org.mitre.oval:def:20548
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1171
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20567
 
Oval ID: oval:org.mitre.oval:def:20567
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1080
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20570
 
Oval ID: oval:org.mitre.oval:def:20570
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1494
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20573
 
Oval ID: oval:org.mitre.oval:def:20573
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1577
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20577
 
Oval ID: oval:org.mitre.oval:def:20577
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1494
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20640
 
Oval ID: oval:org.mitre.oval:def:20640
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1079
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20664
 
Oval ID: oval:org.mitre.oval:def:20664
Title: VMware vSphere and vCOps updates to third party libraries
Description: Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1833
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20695
 
Oval ID: oval:org.mitre.oval:def:20695
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1078
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20720
 
Oval ID: oval:org.mitre.oval:def:20720
Title: VMware vSphere and vCOps updates to third party libraries
Description: The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2699
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20728
 
Oval ID: oval:org.mitre.oval:def:20728
Title: VMware vSphere and vCOps updates to third party libraries
Description: The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1020
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21441
 
Oval ID: oval:org.mitre.oval:def:21441
Title: RHSA-2011:0836: kernel security and bug fix update (Important)
Description: The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem.
Family: unix Class: patch
Reference(s): RHSA-2011:0836-01
CVE-2010-3858
CVE-2011-1598
CVE-2011-1748
CVE-2011-1770
CVE-2011-1771
Version: 68
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21647
 
Oval ID: oval:org.mitre.oval:def:21647
Title: RHSA-2011:0542: Red Hat Enterprise Linux 6.1 kernel security, bug fix and enhancement update (Important)
Description: The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
Family: unix Class: patch
Reference(s): RHSA-2011:0542-01
CVE-2010-3881
CVE-2010-4251
CVE-2010-4805
CVE-2011-0999
CVE-2011-1010
CVE-2011-1023
CVE-2011-1082
CVE-2011-1090
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1494
CVE-2011-1495
CVE-2011-1581
Version: 198
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21896
 
Oval ID: oval:org.mitre.oval:def:21896
Title: RHSA-2011:0927: kernel security and bug fix update (Important)
Description: The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Family: unix Class: patch
Reference(s): RHSA-2011:0927-01
CESA-2011:0927
CVE-2010-4649
CVE-2011-0695
CVE-2011-0711
CVE-2011-1044
CVE-2011-1182
CVE-2011-1573
CVE-2011-1576
CVE-2011-1593
CVE-2011-1745
CVE-2011-1746
CVE-2011-1776
CVE-2011-1936
CVE-2011-2022
CVE-2011-2213
CVE-2011-2492
Version: 198
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21936
 
Oval ID: oval:org.mitre.oval:def:21936
Title: RHSA-2011:1065: Red Hat Enterprise Linux 5.7 kernel security and bug fix update (Important)
Description: The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.
Family: unix Class: patch
Reference(s): RHSA-2011:1065-01
CESA-2011:1065
CVE-2011-1780
CVE-2011-2525
CVE-2011-2689
Version: 42
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21992
 
Oval ID: oval:org.mitre.oval:def:21992
Title: RHSA-2011:1350: kernel security, bug fix, and enhancement update (Important)
Description: The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
Family: unix Class: patch
Reference(s): RHSA-2011:1350-01
CVE-2011-1160
CVE-2011-1745
CVE-2011-1746
CVE-2011-1833
CVE-2011-2022
CVE-2011-2484
CVE-2011-2496
CVE-2011-2521
CVE-2011-2723
CVE-2011-2898
CVE-2011-2918
Version: 146
Platform(s): Red Hat Enterprise Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22877
 
Oval ID: oval:org.mitre.oval:def:22877
Title: ELSA-2011:1065: Oracle Linux 5.x.7 kernel security and bug fix update (Important)
Description: The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space.
Family: unix Class: patch
Reference(s): ELSA-2011:1065-01
CVE-2011-1780
CVE-2011-2525
CVE-2011-2689
Version: 17
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23330
 
Oval ID: oval:org.mitre.oval:def:23330
Title: ELSA-2011:0927: kernel security and bug fix update (Important)
Description: The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Family: unix Class: patch
Reference(s): ELSA-2011:0927-01
CVE-2010-4649
CVE-2011-0695
CVE-2011-0711
CVE-2011-1044
CVE-2011-1182
CVE-2011-1573
CVE-2011-1576
CVE-2011-1593
CVE-2011-1745
CVE-2011-1746
CVE-2011-1776
CVE-2011-1936
CVE-2011-2022
CVE-2011-2213
CVE-2011-2492
Version: 65
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23616
 
Oval ID: oval:org.mitre.oval:def:23616
Title: ELSA-2011:0836: kernel security and bug fix update (Important)
Description: The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem.
Family: unix Class: patch
Reference(s): ELSA-2011:0836-01
CVE-2010-3858
CVE-2011-1598
CVE-2011-1748
CVE-2011-1770
CVE-2011-1771
Version: 25
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23620
 
Oval ID: oval:org.mitre.oval:def:23620
Title: ELSA-2011:1350: kernel security, bug fix, and enhancement update (Important)
Description: The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
Family: unix Class: patch
Reference(s): ELSA-2011:1350-01
CVE-2011-1160
CVE-2011-1745
CVE-2011-1746
CVE-2011-1833
CVE-2011-2022
CVE-2011-2484
CVE-2011-2496
CVE-2011-2521
CVE-2011-2723
CVE-2011-2898
CVE-2011-2918
Version: 49
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23682
 
Oval ID: oval:org.mitre.oval:def:23682
Title: ELSA-2011:0542: Red Hat Enterprise Linux 6.1 kernel security, bug fix and enhancement update (Important)
Description: The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a denial of service (BUG and system crash) or possibly have unspecified other impact by sending network traffic.
Family: unix Class: patch
Reference(s): ELSA-2011:0542-01
CVE-2010-3881
CVE-2010-4251
CVE-2010-4805
CVE-2011-0999
CVE-2011-1010
CVE-2011-1023
CVE-2011-1082
CVE-2011-1090
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1494
CVE-2011-1495
CVE-2011-1581
Version: 65
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27470
 
Oval ID: oval:org.mitre.oval:def:27470
Title: DEPRECATED: ELSA-2011-0542 -- Oracle Linux 6.1 kernel security, bug fix and enhancement update (important)
Description: [2.6.32-131.0.15.el6] - [build] disable Werr for external modules (Aristeu Rozanski) [703504]
Family: unix Class: patch
Reference(s): ELSA-2011-0542
CVE-2010-3881
CVE-2010-4251
CVE-2010-4805
CVE-2011-0999
CVE-2011-1010
CVE-2011-1023
CVE-2011-1082
CVE-2011-1090
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1494
CVE-2011-1495
CVE-2011-1581
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27518
 
Oval ID: oval:org.mitre.oval:def:27518
Title: ELSA-2011-2019 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important)
Description: [2.6.32-100.35.1.el6uek] - [net] dccp: handle invalid feature options length {CVE-2011-1770} - [net] can: add missing socket check in can/raw release {CVE-2011-1748} - [net] can: Add missing socket check in can/bcm release {CVE-2011-1598}
Family: unix Class: patch
Reference(s): ELSA-2011-2019
CVE-2011-1598
CVE-2011-1748
CVE-2011-1770
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27552
 
Oval ID: oval:org.mitre.oval:def:27552
Title: DEPRECATED: ELSA-2011-0836 -- kernel security and bug fix update (important)
Description: [2.6.32-131.2.1.el6] - [kernel] lib/vsprintf.c: add %pU to print UUID/GUIDs (Frantisek Hrbata) [704280 700299] - [scsi] megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [704601 619422] [2.6.32-131.1.1.el6] - [net] dccp: handle invalid feature options length (Jiri Pirko) [703012 703013] {CVE-2011-1770} - [fs] cifs: check for private_data before trying to put it (Jeff Layton) [703017 702642] {CVE-2011-1771} - [net] can: add missing socket check in can/raw and can/bcm release (Jiri Pirko) [698482 698483] {CVE-2011-1748 CVE-2011-1598} - [netdrv] ixgbe: do not clear FCoE DDP error status for received ABTS (Andy Gospodarek) [704011 695966] - [netdrv] ixgbe: DCB remove ixgbe_fcoe_getapp routine (Andy Gospodarek) [704002 694358] - [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645228 645229] {CVE-2010-3858} - [scsi] bfa: change tech-preview to cover all cases (Rob Evers) [704014 703251] - [scsi] bfa: driver version update (Rob Evers) [704282 703265] - [scsi] bfa: kdump fix (Rob Evers) [704282 703265] - [scsi] bfa: firmware download fix (Rob Evers) [704282 703265] - [netdrv] bna: fix memory leak during RX path cleanup (Ivan Vecera) [704000 698625] - [netdrv] bna: fix for clean fw re-initialization (Ivan Vecera) [704000 698625] - [scsi] ipr: improve interrupt service routine performance (Steve Best) [704009 696754]
Family: unix Class: patch
Reference(s): ELSA-2011-0836
CVE-2010-3858
CVE-2011-1598
CVE-2011-1748
CVE-2011-1770
CVE-2011-1771
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27708
 
Oval ID: oval:org.mitre.oval:def:27708
Title: DEPRECATED: ELSA-2011-1350 -- kernel security, bug fix, and enhancement update (important)
Description: [2.6.32-131.17.1.el6] - Revert: [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699}
Family: unix Class: patch
Reference(s): ELSA-2011-1350
CVE-2011-1160
CVE-2011-1745
CVE-2011-1746
CVE-2011-1833
CVE-2011-2022
CVE-2011-2484
CVE-2011-2496
CVE-2011-2521
CVE-2011-2723
CVE-2011-2898
CVE-2011-2918
Version: 4
Platform(s): Oracle Linux 6
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27720
 
Oval ID: oval:org.mitre.oval:def:27720
Title: DEPRECATED: ELSA-2011-1065 -- Oracle Linux 5.7 kernel security and bug fix update (important)
Description: [2.6.18-274.el5] - [xen] svm: fix invlpg emulator regression (Paolo Bonzini) [719894]
Family: unix Class: patch
Reference(s): ELSA-2011-1065
CVE-2011-1780
CVE-2011-2525
CVE-2011-2689
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27793
 
Oval ID: oval:org.mitre.oval:def:27793
Title: ELSA-2011-2016 -- Unbreakable Enterprise kernel security fix update (important)
Description: A [2.6.32-100.28.17.el6] - [net] Extend prot->slab size when add sock extend fields. [2.6.32-100.28.16.el6] - kernel: Fix unlimited socket backlog DoS {CVE-2010-4251} - RDS: Fix congestion issues for loopback - rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023} - epoll: prevent creating circular epoll structures {CVE-2011-1082} - fs: fix corrupted OSF partition table parsing {CVE-2011-1163} - fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163} - netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170} - netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171} - ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172} - [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495}
Family: unix Class: patch
Reference(s): ELSA-2011-2016
CVE-2010-4251
CVE-2011-1023
CVE-2011-1082
CVE-2011-1163
CVE-2011-1170
CVE-2011-1171
CVE-2011-1172
CVE-2011-1494
CVE-2011-1495
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27865
 
Oval ID: oval:org.mitre.oval:def:27865
Title: DEPRECATED: ELSA-2011-0927 -- kernel security and bug fix update (important)
Description: [2.6.18-238.19.1.0.1.el5] - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)
Family: unix Class: patch
Reference(s): ELSA-2011-0927
CVE-2010-4649
CVE-2011-0695
CVE-2011-0711
CVE-2011-1044
CVE-2011-1182
CVE-2011-1573
CVE-2011-1576
CVE-2011-1593
CVE-2011-1745
CVE-2011-1746
CVE-2011-1776
CVE-2011-1936
CVE-2011-2022
CVE-2011-2213
CVE-2011-2492
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27955
 
Oval ID: oval:org.mitre.oval:def:27955
Title: ELSA-2011-2038 -- Unbreakable Enterprise kernel security update (important)
Description: kernel-uek [2.6.32-300.4.1.el6uek] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Joe Jin) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) {CVE-2011-4127} - [net] gro: reset vlan_tci on reuse (Dan Carpenter) {CVE-2011-1576} - [net] rose: Add length checks to CALL_REQUEST parsing (Ben Hutchings) {CVE-2011-1493} - [net] rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC (Bernard Pidoux F6BVP) {CVE-2011-1493}
Family: unix Class: patch
Reference(s): ELSA-2011-2038
CVE-2011-1576
CVE-2011-4127
CVE-2011-1493
Version: 5
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): kernel-uek
ofa
kernel-uek-debug
kernel-uek-debug-devel
kernel-uek-devel
kernel-uek-doc
kernel-uek-firmware
kernel-uek-headers
mlnx_en
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 2
Os 2
Os 1505
Os 2
Os 1
Os 1
Os 1
Os 1
Os 1
Os 1

OpenVAS Exploits

Date Description
2013-09-18 Name : Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial ...
File : nvt/deb_2443_1.nasl
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-17 Name : RedHat Update for kernel RHSA-2012:1156-01
File : nvt/gb_RHSA-2012_1156-01_kernel.nasl
2012-08-17 Name : CentOS Update for kernel CESA-2012:1156 centos6
File : nvt/gb_CESA-2012_1156_kernel_centos6.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel)
File : nvt/gb_suse_2012_0206_1.nasl
2012-08-02 Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel)
File : nvt/gb_suse_2012_0236_1.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0927 centos5 x86_64
File : nvt/gb_CESA-2011_0927_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1065 centos5 x86_64
File : nvt/gb_CESA-2011_1065_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 x86_64
File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64
File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0007 centos5
File : nvt/gb_CESA-2012_0007_kernel_centos5.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2012-07-09 Name : RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2011:1530-03
File : nvt/gb_RHSA-2011_1530-03_Red_Hat_Enterprise_Linux_6_kernel.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1350-01
File : nvt/gb_RHSA-2011_1350-01_kernel.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1189-01
File : nvt/gb_RHSA-2011_1189-01_kernel.nasl
2012-06-06 Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01
File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0498-01
File : nvt/gb_RHSA-2011_0498-01_kernel.nasl
2012-06-06 Name : RedHat Update for kernel RHSA-2011:0836-01
File : nvt/gb_RHSA-2011_0836-01_kernel.nasl
2012-03-19 Name : Fedora Update for ecryptfs-utils FEDORA-2011-10671
File : nvt/gb_fedora_2011_10671_ecryptfs-utils_fc16.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2012-01-13 Name : RedHat Update for kernel RHSA-2012:0007-01
File : nvt/gb_RHSA-2012_0007-01_kernel.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-11 Name : Ubuntu Update for linux USN-1253-1
File : nvt/gb_ubuntu_USN_1253_1.nasl
2011-11-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1245-1
File : nvt/gb_ubuntu_USN_1245_1.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1240-1
File : nvt/gb_ubuntu_USN_1240_1.nasl
2011-10-31 Name : Ubuntu Update for linux-ec2 USN-1239-1
File : nvt/gb_ubuntu_USN_1239_1.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-21 Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-21 Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-14 Name : Ubuntu Update for linux USN-1227-1
File : nvt/gb_ubuntu_USN_1227_1.nasl
2011-10-10 Name : Ubuntu Update for linux USN-1225-1
File : nvt/gb_ubuntu_USN_1225_1.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-09-30 Name : Ubuntu Update for linux-ec2 USN-1216-1
File : nvt/gb_ubuntu_USN_1216_1.nasl
2011-09-30 Name : Ubuntu Update for linux USN-1218-1
File : nvt/gb_ubuntu_USN_1218_1.nasl
2011-09-30 Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1
File : nvt/gb_ubuntu_USN_1219_1.nasl
2011-09-23 Name : Ubuntu Update for linux USN-1211-1
File : nvt/gb_ubuntu_USN_1211_1.nasl
2011-09-23 Name : CentOS Update for kernel CESA-2011:1065 centos5 i386
File : nvt/gb_CESA-2011_1065_kernel_centos5_i386.nasl
2011-09-23 Name : Ubuntu Update for linux-ti-omap4 USN-1212-1
File : nvt/gb_ubuntu_USN_1212_1.nasl
2011-09-23 Name : CentOS Update for ecryptfs-utils-75-5.el5_ CESA-2011:1241 centos5 i386
File : nvt/gb_CESA-2011_1241_ecryptfs-utils-75-5.el5__centos5_i386.nasl
2011-09-16 Name : Fedora Update for ecryptfs-utils FEDORA-2011-11979
File : nvt/gb_fedora_2011_11979_ecryptfs-utils_fc14.nasl
2011-09-16 Name : Fedora Update for ecryptfs-utils FEDORA-2011-11936
File : nvt/gb_fedora_2011_11936_ecryptfs-utils_fc15.nasl
2011-09-16 Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1
File : nvt/gb_ubuntu_USN_1204_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1203-1
File : nvt/gb_ubuntu_USN_1203_1.nasl
2011-09-16 Name : Ubuntu Update for linux-ti-omap4 USN-1202-1
File : nvt/gb_ubuntu_USN_1202_1.nasl
2011-09-16 Name : Ubuntu Update for linux USN-1201-1
File : nvt/gb_ubuntu_USN_1201_1.nasl
2011-09-16 Name : Ubuntu Update for linux-mvl-dove USN-1208-1
File : nvt/gb_ubuntu_USN_1208_1.nasl
2011-09-16 Name : Ubuntu Update for linux-lts-backport-maverick USN-1205-1
File : nvt/gb_ubuntu_USN_1205_1.nasl
2011-09-07 Name : Fedora Update for ecryptfs-utils FEDORA-2011-10718
File : nvt/gb_fedora_2011_10718_ecryptfs-utils_fc14.nasl
2011-09-07 Name : Fedora Update for ecryptfs-utils FEDORA-2011-10733
File : nvt/gb_fedora_2011_10733_ecryptfs-utils_fc15.nasl
2011-09-07 Name : RedHat Update for ecryptfs-utils RHSA-2011:1241-01
File : nvt/gb_RHSA-2011_1241-01_ecryptfs-utils.nasl
2011-08-27 Name : Fedora Update for kernel FEDORA-2011-11103
File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl
2011-08-24 Name : Ubuntu Update for linux USN-1193-1
File : nvt/gb_ubuntu_USN_1193_1.nasl
2011-08-24 Name : Ubuntu Update for linux USN-1189-1
File : nvt/gb_ubuntu_USN_1189_1.nasl
2011-08-12 Name : Ubuntu Update for ecryptfs-utils USN-1188-1
File : nvt/gb_ubuntu_USN_1188_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1183-1
File : nvt/gb_ubuntu_USN_1183_1.nasl
2011-08-12 Name : Ubuntu Update for linux USN-1186-1
File : nvt/gb_ubuntu_USN_1186_1.nasl
2011-08-12 Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1
File : nvt/gb_ubuntu_USN_1187_1.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0833 centos5 i386
File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2011:0927 centos5 i386
File : nvt/gb_CESA-2011_0927_kernel_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2264-1 (linux-2.6)
File : nvt/deb_2264_1.nasl
2011-07-22 Name : RedHat Update for Red Hat Enterprise Linux 5.7 kernel RHSA-2011:1065-01
File : nvt/gb_RHSA-2011_1065-01_Red_Hat_Enterprise_Linux_5.7_kernel.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1168-1
File : nvt/gb_ubuntu_USN_1168_1.nasl
2011-07-18 Name : RedHat Update for kernel RHSA-2011:0927-01
File : nvt/gb_RHSA-2011_0927-01_kernel.nasl
2011-07-18 Name : Ubuntu Update for linux-mvl-dove USN-1159-1
File : nvt/gb_ubuntu_USN_1159_1.nasl
2011-07-18 Name : Ubuntu Update for linux-ec2 USN-1161-1
File : nvt/gb_ubuntu_USN_1161_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1167-1
File : nvt/gb_ubuntu_USN_1167_1.nasl
2011-07-18 Name : Ubuntu Update for linux USN-1170-1
File : nvt/gb_ubuntu_USN_1170_1.nasl
2011-07-12 Name : Fedora Update for kernel FEDORA-2011-7823
File : nvt/gb_fedora_2011_7823_kernel_fc15.nasl
2011-07-08 Name : Ubuntu Update for linux USN-1160-1
File : nvt/gb_ubuntu_USN_1160_1.nasl
2011-07-08 Name : Ubuntu Update for linux-mvl-dove USN-1162-1
File : nvt/gb_ubuntu_USN_1162_1.nasl
2011-07-08 Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1
File : nvt/gb_ubuntu_USN_1164_1.nasl
2011-06-24 Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-06-20 Name : Fedora Update for kernel FEDORA-2011-7551
File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl
2011-06-10 Name : Ubuntu Update for linux USN-1146-1
File : nvt/gb_ubuntu_USN_1146_1.nasl
2011-06-06 Name : Ubuntu Update for linux USN-1141-1
File : nvt/gb_ubuntu_USN_1141_1.nasl
2011-06-06 Name : RedHat Update for kernel RHSA-2011:0833-01
File : nvt/gb_RHSA-2011_0833-01_kernel.nasl
2011-05-17 Name : Fedora Update for kernel FEDORA-2011-6541
File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl
2011-05-10 Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1
File : nvt/gb_ubuntu_USN_1111_1.nasl
2011-05-06 Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22 Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
74879 Red Hat ecryptfs-utils mount.ecryptfs_private Arbitrary Directory Mount Local...

74678 Linux Kernel IPv6 Fragment Identification Prediction Weakness

74677 Linux Kernel Malformed EXT4 Filesystem Mounting Local DoS

74650 Linux Kernel sco_sock_getsockopt() Function Local Memory Disclosure

74645 Linux Kernel Common Internet File System (CIFS) Implementation cifs_close() F...

74642 Linux Kernel do_replace() Function CAP_NET_ADMIN Capability Local Information...

74640 Linux Kernel TPM Devices Arbitrary Kernel Memory Disclosure

74639 Linux Kernel IrDA Module Peer name / attribute Handling Local Memory Corruption

74636 Linux Kernel FAC_NATIONAL_DIGIS digipeater Handling Remote Heap Corruption

74624 Linux Kernel Event Overflows Local DoS

73802 Linux Kernel fs/gfs2/file.c GFS2 gfs2_fallocate() Function Local DoS

73460 Linux Kernel Bluetooth net/bluetooth/rfcomm/sock.c rfcomm_sock_getsockopt_old...

73459 Linux Kernel Bluetooth net/bluetooth/l2cap_sock.c l2cap_sock_getsockopt_old()...

73451 Linux Kernel kernel/taskstats.c add_del_listener Function Exit Handler Regist...

73449 Linux Kernel net/dccp/options.c dccp_parse_options Function DCCP Packet Remot...

73298 Linux Kernel on x86_64 net/econet/af_econet.c econet_sendmsg Function AUN Pac...

73297 Linux Kernel IPv6 net/ipv6/netfilter/ip6_tables.c CAP_NET_ADMIN Missing Null ...

73296 Linux Kernel IPv4 net/ipv4/netfilter/ip_tables.c CAP_NET_ADMIN Missing Null C...

73295 Linux Kernel IPv4 net/ipv4/netfilter/arp_tables.c CAP_NET_ADMIN Missing Null ...

73293 Linux Kernel net/ipv4/netfilter/ipt_CLUSTERIP.c clusterip_proc_write Function...

73054 Linux Kernel drivers/net/bonding/bond_main.c bond_select_queue Function Recei...

73049 Linux Kernel fs/partitions/efi.c is_gpt_valid Function EFI GUID Partition Tab...

73048 Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c Multiple Function Memory Copy...

73047 Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c _ctl_do_mpt_command Function ...

73045 Linux Kernel drivers/char/agp/generic.c agp_generic_remove_memory Function AG...

73043 Linux Kernel drivers/char/agp/generic.c Multiple Function Memory Page Call Lo...

73042 Linux Kernel drivers/char/agp/generic.c agp_generic_insert_memory Function AG...

73040 Linux Kernel net/can/raw.c raw_release Function Release Operation NULL Derefe...

71992 Linux Kernel kernel/pid.c next_pidmap() Function Local DoS

Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the next_pidmap() function in kernel/pid.c is exploited via a specially crafted 'getdents()' system call, resulting in a denial of service.
71884 Linux Kernel net/can/bcm.c bcm_release() Function NULL Dereference Local DoS

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when a NULL pointer dereference error in the bcm_release() function to net/can/bcm.c occurs, and will result in loss of availability for the kernel.
71662 Linux Kernel OCFS2 File System Sparse Writes Arbitrary Memory Disclosure

71656 Linux Kernel net/bluetooth/bnep/sock.c bnep_sock_ioctl() System Information L...

71653 Linux Kernel rt_*sigqueueinfo() Functions SI_TKILL Signal Spoofing

71359 Linux Kernel fs/partitions/ldm.c ldm_frag_add() LDM Partition Table Overflow

Linux Kernel is prone to an overflow condition. The 'ldm_frag_add()' function in 'fs/partitions/ldm.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted LDM partition table, a physically present attacker can potentially gain elevated privileges or obtain sensitive information.
71271 Linux Kernel /proc/<pid>/ Weak Permissions Issue

Linux Kernel contains a flaw related to the proc filesystem implementation failing to properly restrict access to the '/proc/<pid>/' directory during execution of a SUID program. This may allow a local attacker to cause a denial of service or obtain sensitive information.

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-09-27 IAVM : 2012-A-0153 - Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-09-13 IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0033794
2012-02-02 IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2016-02-29 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0536-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1090.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0333.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_ecryptfs-utils-110811.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-110726.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-16.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1189.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2015.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2016.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2019.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2025.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2029.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2037.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2038.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0007.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0883.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0116.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0358.nasl - Type : ACT_GATHER_INFO
2012-08-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO
2012-08-16 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2012-08-16 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120814_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1156.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110510_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110715_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110823_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110831_ecryptfs_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111005_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111206_Scientific_Linux_6_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120110_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO
2012-03-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2443.nasl - Type : ACT_GATHER_INFO
2012-02-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120129.nasl - Type : ACT_GATHER_INFO
2012-02-07 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-120130.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO
2012-01-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO
2011-12-14 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110823.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110824.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO
2011-12-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1530.nasl - Type : ACT_GATHER_INFO
2011-11-29 Name : The remote Fedora host is missing a security update.
File : fedora_2011-16346.nasl - Type : ACT_GATHER_INFO
2011-11-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2011-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO
2011-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-15241.nasl - Type : ACT_GATHER_INFO
2011-10-31 Name : The remote Fedora host is missing a security update.
File : fedora_2011-14747.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-10-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO
2011-10-10 Name : The remote Fedora host is missing a security update.
File : fedora_2011-12874.nasl - Type : ACT_GATHER_INFO
2011-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1350.nasl - Type : ACT_GATHER_INFO
2011-10-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO
2011-09-27 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1065.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1211-1.nasl - Type : ACT_GATHER_INFO
2011-09-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO
2011-09-15 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1201-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO
2011-09-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1205-1.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO
2011-09-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10671.nasl - Type : ACT_GATHER_INFO
2011-09-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10718.nasl - Type : ACT_GATHER_INFO
2011-09-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10733.nasl - Type : ACT_GATHER_INFO
2011-09-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1241.nasl - Type : ACT_GATHER_INFO
2011-08-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1189.nasl - Type : ACT_GATHER_INFO
2011-08-23 Name : The remote Fedora host is missing a security update.
File : fedora_2011-11103.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1189-1.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1193-1.nasl - Type : ACT_GATHER_INFO
2011-08-12 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ecryptfs-utils-110804.nasl - Type : ACT_GATHER_INFO
2011-08-10 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1188-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO
2011-08-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO
2011-08-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO
2011-07-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110718.nasl - Type : ACT_GATHER_INFO
2011-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1065.nasl - Type : ACT_GATHER_INFO
2011-07-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO
2011-07-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO
2011-07-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0927.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO
2011-07-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO
2011-07-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO
2011-07-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO
2011-06-30 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO
2011-06-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO
2011-06-22 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO
2011-06-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO
2011-06-12 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7551.nasl - Type : ACT_GATHER_INFO
2011-06-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO
2011-06-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-7823.nasl - Type : ACT_GATHER_INFO
2011-06-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO
2011-06-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO
2011-05-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO
2011-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0498.nasl - Type : ACT_GATHER_INFO
2011-05-10 Name : The remote Fedora host is missing a security update.
File : fedora_2011-6541.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-04-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO
2011-04-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:59:00
  • Multiple Updates
2013-06-08 17:22:58
  • Multiple Updates
2013-03-01 17:20:44
  • Multiple Updates