Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-451-1 | First vendor Publication | 2007-04-10 |
Vendor | Ubuntu | Last vendor Modification | 2007-04-10 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 6.10: After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: The kernel key management code did not correctly handle key reuse. A local attacker could create many key requests, leading to a denial of service. (CVE-2007-0006) The kernel NFS code did not correctly validate NFSACL2 ACCESS requests. If a system was serving NFS mounts, a remote attacker could send a specially crafted packet, leading to a denial of service. (CVE-2007-0772) When dumping core, the kernel did not correctly handle PT_INTERP processes. A local attacker could create situations where they could read the contents of otherwise unreadable executable programs. (CVE-2007-0958) |
Original Source
Url : http://www.ubuntu.com/usn/USN-451-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for kernel MDKSA-2007:047 (kernel) File : nvt/gb_mandriva_MDKSA_2007_047.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDKSA-2007:060 (kernel) File : nvt/gb_mandriva_MDKSA_2007_060.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDKSA-2007:078 (kernel) File : nvt/gb_mandriva_MDKSA_2007_078.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15/2.6.17 vulnerabilities USN-451-1 File : nvt/gb_ubuntu_USN_451_1.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-225 File : nvt/gb_fedora_2007_225_kernel_fc5.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-226 File : nvt/gb_fedora_2007_226_kernel_fc6.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-277 File : nvt/gb_fedora_2007_277_kernel_fc5.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-291 File : nvt/gb_fedora_2007_291_kernel_fc6.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-336 File : nvt/gb_fedora_2007_336_kernel_fc5.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-433 File : nvt/gb_fedora_2007_433_kernel_fc5.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-483 File : nvt/gb_fedora_2007_483_kernel_fc5.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-599 File : nvt/gb_fedora_2007_599_kernel_fc5.nasl |
2009-01-28 | Name : SuSE Update for kernel-bigsmp SUSE-SA:2007:018 File : nvt/gb_suse_2007_018.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:021 File : nvt/gb_suse_2007_021.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1286-1 (linux-2.6) File : nvt/deb_1286_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1304-1 (kernel-source-2.6.8) File : nvt/deb_1304_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
35930 | Linux Kernel PT_INTERP Forced Core Dump Arbitrary Restricted Binary Access |
33032 | Linux Kernel Interpreter (PT_INTERP) Functionality Arbitrary Binary Read Access |
33022 | Linux Kernel Crafted NFSACL 2 ACCESS Request Remote DoS |
33021 | Linux Kernel key_alloc_serial() Function Key Serial Number Collision Avoidanc... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0488.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0085.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070625_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-451-1.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-2705.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0488.nasl - Type : ACT_GATHER_INFO |
2007-06-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0488.nasl - Type : ACT_GATHER_INFO |
2007-06-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1304.nasl - Type : ACT_GATHER_INFO |
2007-05-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0099.nasl - Type : ACT_GATHER_INFO |
2007-05-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1286.nasl - Type : ACT_GATHER_INFO |
2007-04-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-078.nasl - Type : ACT_GATHER_INFO |
2007-03-12 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-060.nasl - Type : ACT_GATHER_INFO |
2007-03-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-291.nasl - Type : ACT_GATHER_INFO |
2007-03-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-277.nasl - Type : ACT_GATHER_INFO |
2007-02-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0085.nasl - Type : ACT_GATHER_INFO |
2007-02-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0085.nasl - Type : ACT_GATHER_INFO |
2007-02-22 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-047.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:04:19 |
|