Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Linux kernel vulnerabilities
Informations
Name USN-966-1 First vendor Publication 2010-08-04
Vendor Ubuntu Last vendor Modification 2010-08-04
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
linux-image-2.6.15-55-386 2.6.15-55.86
linux-image-2.6.15-55-686 2.6.15-55.86
linux-image-2.6.15-55-amd64-generic 2.6.15-55.86
linux-image-2.6.15-55-amd64-k8 2.6.15-55.86
linux-image-2.6.15-55-amd64-server 2.6.15-55.86
linux-image-2.6.15-55-amd64-xeon 2.6.15-55.86
linux-image-2.6.15-55-hppa32 2.6.15-55.86
linux-image-2.6.15-55-hppa32-smp 2.6.15-55.86
linux-image-2.6.15-55-hppa64 2.6.15-55.86
linux-image-2.6.15-55-hppa64-smp 2.6.15-55.86
linux-image-2.6.15-55-itanium 2.6.15-55.86
linux-image-2.6.15-55-itanium-smp 2.6.15-55.86
linux-image-2.6.15-55-k7 2.6.15-55.86
linux-image-2.6.15-55-mckinley 2.6.15-55.86
linux-image-2.6.15-55-mckinley-smp 2.6.15-55.86
linux-image-2.6.15-55-powerpc 2.6.15-55.86
linux-image-2.6.15-55-powerpc-smp 2.6.15-55.86
linux-image-2.6.15-55-powerpc64-smp 2.6.15-55.86
linux-image-2.6.15-55-server 2.6.15-55.86
linux-image-2.6.15-55-server-bigiron 2.6.15-55.86
linux-image-2.6.15-55-sparc64 2.6.15-55.86
linux-image-2.6.15-55-sparc64-smp 2.6.15-55.86

Ubuntu 8.04 LTS:
linux-image-2.6.24-28-386 2.6.24-28.73
linux-image-2.6.24-28-generic 2.6.24-28.73
linux-image-2.6.24-28-hppa32 2.6.24-28.73
linux-image-2.6.24-28-hppa64 2.6.24-28.73
linux-image-2.6.24-28-itanium 2.6.24-28.73
linux-image-2.6.24-28-lpia 2.6.24-28.73
linux-image-2.6.24-28-lpiacompat 2.6.24-28.73
linux-image-2.6.24-28-mckinley 2.6.24-28.73
linux-image-2.6.24-28-openvz 2.6.24-28.73
linux-image-2.6.24-28-powerpc 2.6.24-28.73
linux-image-2.6.24-28-powerpc-smp 2.6.24-28.73
linux-image-2.6.24-28-powerpc64-smp 2.6.24-28.73
linux-image-2.6.24-28-rt 2.6.24-28.73
linux-image-2.6.24-28-server 2.6.24-28.73
linux-image-2.6.24-28-sparc64 2.6.24-28.73
linux-image-2.6.24-28-sparc64-smp 2.6.24-28.73
linux-image-2.6.24-28-virtual 2.6.24-28.73
linux-image-2.6.24-28-xen 2.6.24-28.73

Ubuntu 9.04:
linux-image-2.6.28-19-generic 2.6.28-19.62
linux-image-2.6.28-19-imx51 2.6.28-19.62
linux-image-2.6.28-19-iop32x 2.6.28-19.62
linux-image-2.6.28-19-ixp4xx 2.6.28-19.62
linux-image-2.6.28-19-lpia 2.6.28-19.62
linux-image-2.6.28-19-server 2.6.28-19.62
linux-image-2.6.28-19-versatile 2.6.28-19.62
linux-image-2.6.28-19-virtual 2.6.28-19.62

Ubuntu 9.10:
linux-image-2.6.31-214-dove 2.6.31-214.29
linux-image-2.6.31-214-dove-z0 2.6.31-214.29
linux-image-2.6.31-22-386 2.6.31-22.61
linux-image-2.6.31-22-generic 2.6.31-22.61
linux-image-2.6.31-22-generic-pae 2.6.31-22.61
linux-image-2.6.31-22-ia64 2.6.31-22.61
linux-image-2.6.31-22-lpia 2.6.31-22.61
linux-image-2.6.31-22-powerpc 2.6.31-22.61
linux-image-2.6.31-22-powerpc-smp 2.6.31-22.61
linux-image-2.6.31-22-powerpc64-smp 2.6.31-22.61
linux-image-2.6.31-22-server 2.6.31-22.61
linux-image-2.6.31-22-sparc64 2.6.31-22.61
linux-image-2.6.31-22-sparc64-smp 2.6.31-22.61
linux-image-2.6.31-22-virtual 2.6.31-22.61
linux-image-2.6.31-307-ec2 2.6.31-307.16

Ubuntu 10.04 LTS:
linux-image-2.6.32-207-dove 2.6.32-207.21
linux-image-2.6.32-24-386 2.6.32-24.39
linux-image-2.6.32-24-generic 2.6.32-24.39
linux-image-2.6.32-24-generic-pae 2.6.32-24.39
linux-image-2.6.32-24-ia64 2.6.32-24.39
linux-image-2.6.32-24-lpia 2.6.32-24.39
linux-image-2.6.32-24-powerpc 2.6.32-24.39
linux-image-2.6.32-24-powerpc-smp 2.6.32-24.39
linux-image-2.6.32-24-powerpc64-smp 2.6.32-24.39
linux-image-2.6.32-24-preempt 2.6.32-24.39
linux-image-2.6.32-24-server 2.6.32-24.39
linux-image-2.6.32-24-sparc64 2.6.32-24.39
linux-image-2.6.32-24-sparc64-smp 2.6.32-24.39
linux-image-2.6.32-24-versatile 2.6.32-24.39
linux-image-2.6.32-24-virtual 2.6.32-24.39
linux-image-2.6.32-308-ec2 2.6.32-308.14
linux-image-2.6.33-502-omap 2.6.33-502.9

After a standard system update you need to reboot your computer to make all the necessary changes.

Details follow:

Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. (Only Ubuntu 6.06 LTS and 8.04 LTS were affected.) (CVE-2008-7256, CVE-2010-1643)

Chris Guo, Jukka Taimisto, and Olli Jarva discovered that SCTP did not correctly handle invalid parameters. A remote attacker could send specially crafted traffic that could crash the system, leading to a denial of service. (CVE-2010-1173)

Mario Mikocevic discovered that GFS2 did not correctly handle certain quota structures. A local attacker could exploit this to crash the system, leading to a denial of service. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1436)

Toshiyuki Okajima discovered that the kernel keyring did not correctly handle dead keyrings. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-1437)

Brad Spengler discovered that Sparc did not correctly implement non-executable stacks. This made userspace applications vulnerable to exploits that would have been otherwise blocked due to non-executable memory protections. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1451)

Dan Rosenberg discovered that the btrfs clone function did not correctly validate permissions. A local attacker could exploit this to read sensitive information, leading to a loss of privacy. (Only Ubuntu 9.10 was affected.) (CVE-2010-1636)

Dan Rosenberg discovered that GFS2 set_flags function did not correctly validate permissions. A local attacker could exploit this to gain access to files, leading to a loss of privacy and potential privilege escalation. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1641)

Shi Weihua discovered that btrfs xattr_set_acl function did not correctly validate permissions. A local attacker could exploit this to gain access to files, leading to a loss of privacy and potential privilege escalation. (Only Ubuntu 9.10 and 10.04 LTS were affected.) (CVE-2010-2071)

Andre Osterhues discovered that eCryptfs did not correctly calculate hash values. A local attacker with certain uids could exploit this to crash the system or potentially gain root privileges. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-2492)

Original Source

Url : http://www.ubuntu.com/usn/USN-966-1

CWE : Common Weakness Enumeration

% Id Name
22 % CWE-264 Permissions, Privileges, and Access Controls
11 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
11 % CWE-416 Use After Free
11 % CWE-399 Resource Management Errors
11 % CWE-362 Race Condition
11 % CWE-200 Information Exposure
11 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
11 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10652
 
Oval ID: oval:org.mitre.oval:def:10652
Title: gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.
Description: gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1436
 Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11416
 
Oval ID: oval:org.mitre.oval:def:11416
Title: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Description: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1173
 Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13587
 
Oval ID: oval:org.mitre.oval:def:13587
Title: DSA-2053-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description: CVE-2009-4537 Fabian Yamaguchi reported a missing check for Ethernet frames larger than the MTU in the r8169 driver. This may allow users on the local network to crash a system, resulting in a denial of service. CVE-2010-0727 Sachin Prabhu reported an issue in the GFS2 filesystem. Local users can trigger a BUG altering the permissions on a locked file, resulting in a denial of service. CVE-2010-1083 Linus Torvalds reported an issue in the USB subsystem, which may allow local users to obtain portions of sensitive kernel memory. CVE-2010-1084 Neil Brown reported an issue in the Bluetooth subsystem that may permit remote attackers to overwrite memory through the creation of large numbers of sockets, resulting in a denial of service. CVE-2010-1086 Ang Way Chuang reported an issue in the DVB subsystem for Digital TV adapters. By creating a specially-encoded MPEG2-TS frame, a remote attacker could cause the receiver to enter an endless loop, resulting in a denial of service. CVE-2010-1087 Trond Myklebust reported an issue in the NFS filesystem. A local user may cause an oops by sending a fatal signal during a file truncation operation, resulting in a denial of service. CVE-2010-1088 Al Viro reported an issue where automount symlinks may not be followed when LOOKUP_FOLLOW is not set. This has an unknown security impact. CVE-2010-1162 Catalin Marinas reported an issue in the tty subsystem that allows local attackers to cause a kernel memory leak, possibly resulting in a denial of service. CVE-2010-1173 Chris Guo from Nokia China and Jukka Taimisto and Olli Jarva from Codenomicon Ltd reported an issue in the SCTP subsystem that allows a remote attacker to cause a denial of service using a malformed init package. CVE-2010-1187 Neil Hormon reported an issue in the TIPC subsystem. Local users can cause a denial of service by way of a NULL pointer dereference by sending datagrams through AF_TIPC before entering network mode. CVE-2010-1437 Toshiyuki Okajima reported a race condition in the keyring subsystem. Local users can cause memory corruption via keyctl commands that access a keyring in the process of being deleted, resulting in a denial of service. CVE-2010-1446 Wufei reported an issue with kgdb on the PowerPC architecture, allowing local users to write to kernel memory. Note: this issue does not affect binary kernels provided by Debian. The fix is provided for the benefit of users who build their own kernels from Debian source. CVE-2010-1451 Brad Spengler reported an issue on the SPARC architecture that allows local users to execute non-executable pages. This update also includes fixes a regression introduced by a previous update. See the referenced Debian bug page for details. For the stable distribution, these problems have been fixed in version 2.6.26-22lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+22lenny1
Family: unix Class: patch
Reference(s): DSA-2053-1
CVE-2009-4537
CVE-2010-0727
CVE-2010-1083
CVE-2010-1084
CVE-2010-1086
CVE-2010-1087
CVE-2010-1088
CVE-2010-1162
CVE-2010-1173
CVE-2010-1187
CVE-2010-1437
CVE-2010-1446
CVE-2010-1451
 Version: 5
Platform(s): Debian GNU/Linux 5.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19780
 
Oval ID: oval:org.mitre.oval:def:19780
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1437
 Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19844
 
Oval ID: oval:org.mitre.oval:def:19844
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1641
 Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20153
 
Oval ID: oval:org.mitre.oval:def:20153
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2010-2492
 Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20502
 
Oval ID: oval:org.mitre.oval:def:20502
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1436
 Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20536
 
Oval ID: oval:org.mitre.oval:def:20536
Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1173
 Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21967
 
Oval ID: oval:org.mitre.oval:def:21967
Title: RHSA-2010:0504: kernel security and bug fix update (Important)
Description: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
Family: unix Class: patch
Reference(s): RHSA-2010:0504-01
CESA-2010:0504
CVE-2010-0291
CVE-2010-0622
CVE-2010-1087
CVE-2010-1088
CVE-2010-1173
CVE-2010-1187
CVE-2010-1436
CVE-2010-1437
CVE-2010-1641
 Version: 120
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22795
 
Oval ID: oval:org.mitre.oval:def:22795
Title: ELSA-2010:0504: kernel security and bug fix update (Important)
Description: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
Family: unix Class: patch
Reference(s): ELSA-2010:0504-01
CVE-2010-0291
CVE-2010-0622
CVE-2010-1087
CVE-2010-1088
CVE-2010-1173
CVE-2010-1187
CVE-2010-1436
CVE-2010-1437
CVE-2010-1641
 Version: 41
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28120
 
Oval ID: oval:org.mitre.oval:def:28120
Title: DEPRECATED: ELSA-2010-0504 -- kernel security and bug fix update (important)
Description: [2.6.18-194.8.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enahance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919]
Family: unix Class: patch
Reference(s): ELSA-2010-0504
CVE-2010-0291
CVE-2010-0622
CVE-2010-1087
CVE-2010-1088
CVE-2010-1173
CVE-2010-1187
CVE-2010-1436
CVE-2010-1437
CVE-2010-1641
 Version: 4
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9715
 
Oval ID: oval:org.mitre.oval:def:9715
Title: Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
Description: Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1437
 Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9916
 
Oval ID: oval:org.mitre.oval:def:9916
Title: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
Description: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1641
 Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 3
Application 3
Application 4
Application 3
Application 3
Application 2
Application 1
Os 1
Os 1317
Os 1
Os 1
Os 1
Os 1
Os 2

ExploitDB Exploits

id Description
2010-08-09 Linux Kernel <= 2.6.33.3 SCTP INIT Remote DoS

OpenVAS Exploits

Date Description
2012-06-05 Name : RedHat Update for kernel RHSA-2011:0007-01
File : nvt/gb_RHSA-2011_0007-01_kernel.nasl
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-15 Name : VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console an...
File : nvt/gb_VMSA-2010-0016.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0504 centos5 i386
File : nvt/gb_CESA-2010_0504_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2010:0723 centos5 i386
File : nvt/gb_CESA-2010_0723_kernel_centos5_i386.nasl
2011-06-24 Name : Fedora Update for kernel FEDORA-2011-6447
File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl
2011-04-22 Name : SuSE Update for kernel SUSE-SA:2011:017
File : nvt/gb_suse_2011_017.nasl
2011-03-15 Name : Fedora Update for kernel FEDORA-2011-2134
File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl
2010-12-28 Name : Fedora Update for kernel FEDORA-2010-18983
File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl
2010-12-23 Name : Fedora Update for kernel FEDORA-2010-18506
File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl
2010-12-09 Name : Fedora Update for kernel FEDORA-2010-18432
File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl
2010-10-19 Name : Mandriva Update for kernel MDVSA-2010:198 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_198.nasl
2010-10-10 Name : Debian Security Advisory DSA 2110-1 (linux-2.6)
File : nvt/deb_2110_1.nasl
2010-10-01 Name : RedHat Update for kernel RHSA-2010:0723-01
File : nvt/gb_RHSA-2010_0723-01_kernel.nasl
2010-10-01 Name : SuSE Update for kernel SUSE-SA:2010:046
File : nvt/gb_suse_2010_046.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:172 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_172.nasl
2010-09-27 Name : Mandriva Update for kernel MDVSA-2010:188 (kernel)
File : nvt/gb_mandriva_MDVSA_2010_188.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14878
File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl
2010-09-22 Name : Fedora Update for kernel FEDORA-2010-14890
File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl
2010-09-10 Name : Fedora Update for kernel FEDORA-2010-14235
File : nvt/gb_fedora_2010_14235_kernel_fc13.nasl
2010-09-07 Name : Fedora Update for kernel FEDORA-2010-13903
File : nvt/gb_fedora_2010_13903_kernel_fc12.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13110
File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl
2010-08-30 Name : Fedora Update for kernel FEDORA-2010-13058
File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl
2010-08-30 Name : CentOS Update for kernel CESA-2010:0474 centos4 i386
File : nvt/gb_CESA-2010_0474_kernel_centos4_i386.nasl
2010-08-06 Name : Fedora Update for kernel FEDORA-2010-11462
File : nvt/gb_fedora_2010_11462_kernel_fc13.nasl
2010-08-06 Name : Fedora Update for kernel FEDORA-2010-11412
File : nvt/gb_fedora_2010_11412_kernel_fc12.nasl
2010-08-06 Name : Ubuntu Update for Linux kernel vulnerabilities USN-966-1
File : nvt/gb_ubuntu_USN_966_1.nasl
2010-07-23 Name : SuSE Update for kernel SUSE-SA:2010:031
File : nvt/gb_suse_2010_031.nasl
2010-07-16 Name : Fedora Update for kernel FEDORA-2010-10880
File : nvt/gb_fedora_2010_10880_kernel_fc12.nasl
2010-07-12 Name : Fedora Update for kernel FEDORA-2010-10876
File : nvt/gb_fedora_2010_10876_kernel_fc13.nasl
2010-07-02 Name : RedHat Update for kernel RHSA-2010:0504-01
File : nvt/gb_RHSA-2010_0504-01_kernel.nasl
2010-06-18 Name : Fedora Update for kernel FEDORA-2010-9209
File : nvt/gb_fedora_2010_9209_kernel_fc12.nasl
2010-06-18 Name : RedHat Update for kernel RHSA-2010:0474-01
File : nvt/gb_RHSA-2010_0474-01_kernel.nasl
2010-06-07 Name : Fedora Update for kernel FEDORA-2010-9183
File : nvt/gb_fedora_2010_9183_kernel_fc13.nasl
2010-06-03 Name : Debian Security Advisory DSA 2053-1 (linux-2.6)
File : nvt/deb_2053_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
67893 Linux Kernel eCryptfs Subsystem fs/ecryptfs/messaging.c ecryptfs_uid_hash Mac...
65535 Linux Kernel btrfs fs/btrfs/acl.c btrfs_xattr_set_acl Function Arbitrary ACL ...
65244 Linux Kernel fs/btrfs/ioctl.c btrfs_ioctl_clone Function Write-only File Desc...
65136 Linux Kernel mm/shmem.c knfsd shmemfs Object Export DoS
65066 Linux Kernel fs/gfs2/file.c do_gfs2_set_flags Function SETFLAGS IOCTL Request...
64865 Linux Kernel gfs2 gfs2_quota Struct Out-of-bounds Write Local DoS
64631 Linux Kernel on SPARC arch/sparc/kernel/tsb.S TSB I-TLB Non-executable Stack ...
64557 Linux Kernel net/sctp/sm_make_chunk.c sctp_process_unk_param Function SCTPChu...
64549 Linux Kernel security/keys/keyring.c find_keyring_by_name Function Race Condi...

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545
2011-05-12 IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Snort® IPS/IDS

Date Description
2014-01-10 Linux kernel sctp_process_unk_param SCTPChunkInit buffer overflow attempt
RuleID : 16724 - Revision : 7 - Type : OS-LINUX

Nessus® Vulnerability Scanner

Date Description
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0003_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0504.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0474.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100701_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100615_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO
2011-03-25 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO
2011-02-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0003.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100721.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100618.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-100709.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0016.nasl - Type : ACT_GATHER_INFO
2010-10-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO
2010-09-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO
2010-09-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO
2010-09-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0474.nasl - Type : ACT_GATHER_INFO
2010-08-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-966-1.nasl - Type : ACT_GATHER_INFO
2010-07-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0504.nasl - Type : ACT_GATHER_INFO
2010-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-100709.nasl - Type : ACT_GATHER_INFO
2010-07-14 Name : The remote Fedora host is missing a security update.
File : fedora_2010-10880.nasl - Type : ACT_GATHER_INFO
2010-07-13 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0504.nasl - Type : ACT_GATHER_INFO
2010-07-09 Name : The remote Fedora host is missing a security update.
File : fedora_2010-10876.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-9209.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-9183.nasl - Type : ACT_GATHER_INFO
2010-06-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0474.nasl - Type : ACT_GATHER_INFO
2010-05-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2053.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:06:58
  • Multiple Updates