Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title ESX 3.5 third party update for Service Console kernel
Informations
Name VMSA-2010-0010 First vendor Publication 2010-06-24
Vendor VMware Last vendor Modification 2010-06-24
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

a. Service Console update for COS kernel

The service console package kernel is updated to version 2.4.21-63.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, and CVE-2009-3547 to the security issues fixed in kernel-2.4.21-63.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2698, CVE-2009-2692 to the security issues fixed in kernel-2.4.21-60.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2010-0010.html

CWE : Common Weakness Enumeration

% Id Name
20 % CWE-476 NULL Pointer Dereference
10 % CWE-672 Operation on a Resource after Expiration or Release
10 % CWE-399 Resource Management Errors
10 % CWE-362 Race Condition
10 % CWE-269 Improper Privilege Management
10 % CWE-264 Permissions, Privileges, and Access Controls
10 % CWE-200 Information Exposure
10 % CWE-189 Numeric Errors (CWE/SANS Top 25)
10 % CWE-16 Configuration

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10283
 
Oval ID: oval:org.mitre.oval:def:10283
Title: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Description: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5300
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10919
 
Oval ID: oval:org.mitre.oval:def:10919
Title: Service Console update for COS kernel
Description: The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1337
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11206
 
Oval ID: oval:org.mitre.oval:def:11206
Title: The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Description: The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1337
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11412
 
Oval ID: oval:org.mitre.oval:def:11412
Title: Service Console update for COS kernel
Description: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2848
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11427
 
Oval ID: oval:org.mitre.oval:def:11427
Title: Service Console update for COS kernel
Description: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5300
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11513
 
Oval ID: oval:org.mitre.oval:def:11513
Title: Service Console update for COS kernel
Description: Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3547
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11514
 
Oval ID: oval:org.mitre.oval:def:11514
Title: Service Console update for COS kernel
Description: The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2698
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11526
 
Oval ID: oval:org.mitre.oval:def:11526
Title: Service Console update for COS kernel
Description: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2692
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11591
 
Oval ID: oval:org.mitre.oval:def:11591
Title: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Description: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2692
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11598
 
Oval ID: oval:org.mitre.oval:def:11598
Title: Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
Description: Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1385
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11611
 
Oval ID: oval:org.mitre.oval:def:11611
Title: The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.
Description: The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3002
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11681
 
Oval ID: oval:org.mitre.oval:def:11681
Title: Service Console update for COS kernel
Description: Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1385
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11694
 
Oval ID: oval:org.mitre.oval:def:11694
Title: Service Console update for COS kernel
Description: The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5029
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11741
 
Oval ID: oval:org.mitre.oval:def:11741
Title: Service Console update for COS kernel
Description: The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3002
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11768
 
Oval ID: oval:org.mitre.oval:def:11768
Title: Service Console update for COS kernel
Description: The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).
Family: unix Class: vulnerability
Reference(s): CVE-2009-1895
 Version: 3
Platform(s): VMWare ESX Server 3.5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13563
 
Oval ID: oval:org.mitre.oval:def:13563
Title: DSA-1862-1 linux-2.6 -- privilege escalation
Description: A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problem: CVE-2009-2692 Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialised in the proto_ops structure. Local users can exploit this vulnerability to gain elevated privileges. For the stable distribution, this problem has been fixed in version 2.6.26-17lenny2. For the oldstable distribution, this problem will be fixed in updates to linux-2.6 and linux-2.6.24. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion.
Family: unix Class: patch
Reference(s): DSA-1862-1
CVE-2009-2692
 Version: 5
Platform(s): Debian GNU/Linux 5.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13630
 
Oval ID: oval:org.mitre.oval:def:13630
Title: DSA-1864-1 linux-2.6.24 -- privilege escalation
Description: A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problem: CVE-2009-2692 Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialised in the proto_ops structure. Local users can exploit this vulnerability to gain elevated privileges. For the oldstable distribution, this problem has been fixed in version 2.6.24-6~etchnhalf.8etch3. We recommend that you upgrade your linux-2.6.24 packages. Note: Debian "etch" includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian "etch" concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog" fashion.
Family: unix Class: patch
Reference(s): DSA-1864-1
CVE-2009-2692
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13654
 
Oval ID: oval:org.mitre.oval:def:13654
Title: DSA-1865-1 linux-2.6 -- denial of service/privilege escalation
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1385 Neil Horman discovered a missing fix from the e1000 network driver. A remote user may cause a denial of service by way of a kernel panic triggered by specially crafted frame sizes. CVE-2009-1389 Michael Tokarev discovered an issue in the r8169 network driver. Remote users on the same LAN may cause a denial of service by way of a kernel panic triggered by receiving a large size frame. CVE-2009-1630 Frank Filz discovered that local users may be able to execute files without execute permission when accessed via an nfs4 mount. CVE-2009-1633 Jeff Layton and Suresh Jayaraman fixed several buffer overflows in the CIFS filesystem which allow remote servers to cause memory corruption. CVE-2009-2692 Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialised in the proto_ops structure. Local users can exploit this vulnerability to gain elevated privileges. For the oldstable distribution, this problem has been fixed in version 2.6.18.dfsg.1-24etch3. We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion.
Family: unix Class: patch
Reference(s): DSA-1865-1
CVE-2009-1385
CVE-2009-1389
CVE-2009-1630
CVE-2009-1633
CVE-2009-2692
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19922
 
Oval ID: oval:org.mitre.oval:def:19922
Title: DSA-1681-1 linux-2.6.24 - several vulnerabilities
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-1681-1
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4618
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5134
CVE-2008-5182
CVE-2008-5300
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19979
 
Oval ID: oval:org.mitre.oval:def:19979
Title: DSA-1687-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
Family: unix Class: patch
Reference(s): DSA-1687-1
CVE-2008-3527
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): fai-kernels
linux-2.6
user-mode-linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21793
 
Oval ID: oval:org.mitre.oval:def:21793
Title: ELSA-2009:0225: Oracle Linux 5.x.3 kernel security and bug fix update (Important)
Description: Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.
Family: unix Class: patch
Reference(s): ELSA-2009:0225-03
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
 Version: 21
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21973
 
Oval ID: oval:org.mitre.oval:def:21973
Title: ELSA-2009:1243: Oracle Linux 5.x.4 kernel security and bug fix update (Important)
Description: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Family: unix Class: patch
Reference(s): ELSA-2009:1243-03
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-2847
CVE-2009-2848
 Version: 29
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22460
 
Oval ID: oval:org.mitre.oval:def:22460
Title: ELSA-2009:1222: kernel security and bug fix update (Important)
Description: The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
Family: unix Class: patch
Reference(s): ELSA-2009:1222-02
CVE-2009-2692
CVE-2009-2698
 Version: 13
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22879
 
Oval ID: oval:org.mitre.oval:def:22879
Title: ELSA-2009:0473: kernel security and bug fix update (Important)
Description: The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Family: unix Class: patch
Reference(s): ELSA-2009:0473-01
CVE-2008-4307
CVE-2009-0787
CVE-2009-0834
CVE-2009-1336
CVE-2009-1337
 Version: 25
Platform(s): Oracle Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28627
 
Oval ID: oval:org.mitre.oval:def:28627
Title: RHSA-2009:1222 -- kernel security and bug fix update (Important)
Description: Updated kernel packages that fix two security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system.
Family: unix Class: patch
Reference(s): RHSA-2009:1222
CESA-2009:1222-CentOS 5
CVE-2009-2692
CVE-2009-2698
 Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29153
 
Oval ID: oval:org.mitre.oval:def:29153
Title: RHSA-2009:1243 -- Red Hat Enterprise Linux 5.4 kernel security and bug fix update (Important)
Description: Updated kernel packages that fix security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the fourth regular update. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system.
Family: unix Class: patch
Reference(s): RHSA-2009:1243
CESA-2009:1243-CentOS 5
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-2847
CVE-2009-2848
 Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29343
 
Oval ID: oval:org.mitre.oval:def:29343
Title: RHSA-2009:0225 -- Red Hat Enterprise Linux 5.3 kernel security and bug fix update (Important)
Description: Updated kernel packages that fix three security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the third regular update. This update has been rated as having important security impact by the Red Hat Security Response Team.
Family: unix Class: patch
Reference(s): RHSA-2009:0225
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
 Version: 3
Platform(s): Red Hat Enterprise Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29446
 
Oval ID: oval:org.mitre.oval:def:29446
Title: RHSA-2009:0473 -- kernel security and bug fix update (Important)
Description: Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system.
Family: unix Class: patch
Reference(s): RHSA-2009:0473
CESA-2009:0473-CentOS 5
CVE-2008-4307
CVE-2009-0787
CVE-2009-0834
CVE-2009-1336
CVE-2009-1337
 Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7608
 
Oval ID: oval:org.mitre.oval:def:7608
Title: Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability
Description: Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3547
 Version: 5
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7826
 
Oval ID: oval:org.mitre.oval:def:7826
Title: VMware kernel personality subsystem vulnerability
Description: The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).
Family: unix Class: vulnerability
Reference(s): CVE-2009-1895
 Version: 4
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7970
 
Oval ID: oval:org.mitre.oval:def:7970
Title: DSA-1862 linux-2.6 -- privilege escalation
Description: A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problem: Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialised in the proto_ops structure. Local users can exploit this vulnerability to gain elevated privileges.
Family: unix Class: patch
Reference(s): DSA-1862
CVE-2009-2692
 Version: 3
Platform(s): Debian GNU/Linux 5.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7980
 
Oval ID: oval:org.mitre.oval:def:7980
Title: DSA-1681 linux-2.6.24 -- denial of service/privilege escalation
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. Wei Yongjun reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel panic. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. Johannes Berg reported a remote DoS issue in the libertas wireless driver, which can be triggered by a specially crafted beacon/probe response. Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
Family: unix Class: patch
Reference(s): DSA-1681
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4618
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5134
CVE-2008-5182
CVE-2008-5300
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7993
 
Oval ID: oval:org.mitre.oval:def:7993
Title: DSA-1865 linux-2.6 -- denial of service/privilege escalation
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Neil Horman discovered a missing fix from the e1000 network driver. A remote user may cause a denial of service by way of a kernel panic triggered by specially crafted frame sizes. Michael Tokarev discovered an issue in the r8169 network driver. Remote users on the same LAN may cause a denial of service by way of a kernel panic triggered by receiving a large size frame. Frank Filz discovered that local users may be able to execute files without execute permission when accessed via an nfs4 mount. Jeff Layton and Suresh Jayaraman fixed several buffer overflows in the CIFS filesystem which allow remote servers to cause memory corruption. Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialised in the proto_ops structure. Local users can exploit this vulnerability to gain elevated privileges.
Family: unix Class: patch
Reference(s): DSA-1865
CVE-2009-1385
CVE-2009-1389
CVE-2009-1630
CVE-2009-1633
CVE-2009-2692
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8131
 
Oval ID: oval:org.mitre.oval:def:8131
Title: DSA-1864 linux-2.6.24 -- privilege escalation
Description: A vulnerability has been discovered in the Linux kernel that may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problem: Tavis Ormandy and Julien Tinnes discovered an issue with how the sendpage function is initialised in the proto_ops structure. Local users can exploit this vulnerability to gain elevated privileges.
Family: unix Class: patch
Reference(s): DSA-1864
CVE-2009-2692
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6.24
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8144
 
Oval ID: oval:org.mitre.oval:def:8144
Title: DSA-1687 linux-2.6 -- denial of service/privilege escalation
Description: Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: Tavis Ormandy reported a local DoS and potential privilege escalation in the Virtual Dynamic Shared Objects (vDSO) implementation. Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc. Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
Family: unix Class: patch
Reference(s): DSA-1687
CVE-2008-3527
CVE-2008-3528
CVE-2008-4554
CVE-2008-4576
CVE-2008-4933
CVE-2008-4934
CVE-2008-5025
CVE-2008-5029
CVE-2008-5079
CVE-2008-5182
CVE-2008-5300
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8295
 
Oval ID: oval:org.mitre.oval:def:8295
Title: VMware kernel exit_notify function vulnerability
Description: The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1337
 Version: 4
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8340
 
Oval ID: oval:org.mitre.oval:def:8340
Title: VMware kernel integer underflow vulnerability in e1000_clean_rx_irq function
Description: Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
Family: unix Class: vulnerability
Reference(s): CVE-2009-1385
 Version: 4
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8557
 
Oval ID: oval:org.mitre.oval:def:8557
Title: VMware kernel udp_sendmsg function vulnerability
Description: The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2698
 Version: 4
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8598
 
Oval ID: oval:org.mitre.oval:def:8598
Title: VMware kernel execve function vulnerability
Description: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2848
 Version: 4
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8657
 
Oval ID: oval:org.mitre.oval:def:8657
Title: VMware kernel NULL pointer dereference vulnerability
Description: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2692
 Version: 4
Platform(s): VMWare ESX Server 4.0
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9142
 
Oval ID: oval:org.mitre.oval:def:9142
Title: The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
Description: The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2698
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9327
 
Oval ID: oval:org.mitre.oval:def:9327
Title: Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Description: Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3547
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9453
 
Oval ID: oval:org.mitre.oval:def:9453
Title: The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).
Description: The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).
Family: unix Class: vulnerability
Reference(s): CVE-2009-1895
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9558
 
Oval ID: oval:org.mitre.oval:def:9558
Title: The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.
Description: The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.
Family: unix Class: vulnerability
Reference(s): CVE-2008-5029
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9766
 
Oval ID: oval:org.mitre.oval:def:9766
Title: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Description: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2848
 Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 22
Application 2
Application 1
Application 1
Application 1
Application 1
Os 7
Os 2
Os 2
Os 1198
Os 1
Os 2
Os 3
Os 3
Os 3
Os 1
Os 3
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 1

ExploitDB Exploits

id Description
2009-09-02 Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
2009-09-02 Linux Kernel < 2.6.19 udp_sendmsg Local Root Exploit (x86/x64)
2009-08-31 Linux Kernel < 2.6.31-rc7 AF_IRDA 29-Byte Stack Disclosure Exploit
2009-08-31 Linux Kernel 2.6 < 2.6.19 (32bit) ip_append_data() ring0 Root Exploit
2009-08-24 Linux Kernel 2.4/2.6 - sock_sendpage() ring0 Root Exploit (simple ver)
2009-08-18 Linux Kernel 2.x sock_sendpage() Local Root Exploit (Android Edition)

OpenVAS Exploits

Date Description
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:0014 centos4 i386
File : nvt/gb_CESA-2009_0014_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:0473 centos5 i386
File : nvt/gb_CESA-2009_0473_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1193 centos5 i386
File : nvt/gb_CESA-2009_1193_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1222 centos5 i386
File : nvt/gb_CESA-2009_1222_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1223 centos4 i386
File : nvt/gb_CESA-2009_1223_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1233 centos3 i386
File : nvt/gb_CESA-2009_1233_kernel_centos3_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1243 centos5 i386
File : nvt/gb_CESA-2009_1243_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1438 centos4 i386
File : nvt/gb_CESA-2009_1438_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1541 centos4 i386
File : nvt/gb_CESA-2009_1541_kernel_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1548 centos5 i386
File : nvt/gb_CESA-2009_1548_kernel_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kernel CESA-2009:1550 centos3 i386
File : nvt/gb_CESA-2009_1550_kernel_centos3_i386.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-0919
File : nvt/gb_fedora_2010_0919_kernel_fc11.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-1500
File : nvt/gb_fedora_2010_1500_kernel_fc11.nasl
2010-03-02 Name : Fedora Update for kernel FEDORA-2010-1804
File : nvt/gb_fedora_2010_1804_kernel_fc11.nasl
2010-02-19 Name : SuSE Update for kernel SUSE-SA:2010:012
File : nvt/gb_suse_2010_012.nasl
2010-01-15 Name : SuSE Update for kernel SUSE-SA:2010:001
File : nvt/gb_suse_2010_001.nasl
2009-12-30 Name : Fedora Core 11 FEDORA-2009-13694 (kernel)
File : nvt/fcore_2009_13694.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-13098 (kernel)
File : nvt/fcore_2009_13098.nasl
2009-12-10 Name : Fedora Core 11 FEDORA-2009-12786 (kernel)
File : nvt/fcore_2009_12786.nasl
2009-12-10 Name : SuSE Security Advisory SUSE-SA:2009:060 (kernel)
File : nvt/suse_sa_2009_060.nasl
2009-12-03 Name : SLES11: Security update for Linux kernel
File : nvt/sles11_ext4dev-kmp-def4.nasl
2009-11-23 Name : Mandriva Security Advisory MDVSA-2009:301 (kernel)
File : nvt/mdksa_2009_301.nasl
2009-11-17 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel9.nasl
2009-11-17 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5062456.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1540
File : nvt/RHSA_2009_1540.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1541
File : nvt/RHSA_2009_1541.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1548
File : nvt/RHSA_2009_1548.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1550
File : nvt/RHSA_2009_1550.nasl
2009-11-11 Name : Debian Security Advisory DSA 1927-1 (linux-2.6)
File : nvt/deb_1927_1.nasl
2009-11-11 Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24)
File : nvt/deb_1928_1.nasl
2009-11-11 Name : Debian Security Advisory DSA 1929-1 (linux-2.6)
File : nvt/deb_1929_1.nasl
2009-11-11 Name : Fedora Core 11 FEDORA-2009-11032 (kernel)
File : nvt/fcore_2009_11032.nasl
2009-11-11 Name : Fedora Core 10 FEDORA-2009-11038 (kernel)
File : nvt/fcore_2009_11038.nasl
2009-11-11 Name : Mandriva Security Advisory MDVSA-2009:289 (kernel)
File : nvt/mdksa_2009_289.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1541 (kernel)
File : nvt/ovcesa2009_1541.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1548 (kernel)
File : nvt/ovcesa2009_1548.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1550 (kernel)
File : nvt/ovcesa2009_1550.nasl
2009-11-11 Name : SLES11: Security update for Linux kernel
File : nvt/sles11_ext4dev-kmp-def3.nasl
2009-11-11 Name : SuSE Security Advisory SUSE-SA:2009:051 (kernel)
File : nvt/suse_sa_2009_051.nasl
2009-10-27 Name : Debian Security Advisory DSA 1915-1 (linux-2.6)
File : nvt/deb_1915_1.nasl
2009-10-19 Name : Fedora Core 10 FEDORA-2009-10525 (kernel)
File : nvt/fcore_2009_10525.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel2.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel4.nasl
2009-10-13 Name : SLES10: Security update for Linux kernel
File : nvt/sles10_kernel5.nasl
2009-10-13 Name : SLES10: Security update for the Linux kernel
File : nvt/sles10_kernel8.nasl
2009-10-11 Name : SLES11: Security update for the Linux kernel
File : nvt/sles11_ext4dev-kmp-def0.nasl
2009-10-11 Name : SLES11: Security update for Linux kernel
File : nvt/sles11_ext4dev-kmp-def1.nasl
2009-10-11 Name : SLES11: Security update for Linux kernel
File : nvt/sles11_ext4dev-kmp-def2.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5039274.nasl
2009-10-10 Name : SLES9: Security update for the Linux kernel
File : nvt/sles9p5051763.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5055991.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5056729.nasl
2009-10-06 Name : Fedora Core 10 FEDORA-2009-10165 (kernel)
File : nvt/fcore_2009_10165.nasl
2009-09-28 Name : RedHat Security Advisory RHSA-2009:1457
File : nvt/RHSA_2009_1457.nasl
2009-09-21 Name : Mandrake Security Advisory MDVSA-2009:233 (kernel)
File : nvt/mdksa_2009_233.nasl
2009-09-21 Name : CentOS Security Advisory CESA-2009:1243 (kernel)
File : nvt/ovcesa2009_1243.nasl
2009-09-21 Name : CentOS Security Advisory CESA-2009:1438 (kernel)
File : nvt/ovcesa2009_1438.nasl
2009-09-21 Name : SuSE Security Summary SUSE-SR:2009:015
File : nvt/suse_sr_2009_015.nasl
2009-09-15 Name : RedHat Security Advisory RHSA-2009:1438
File : nvt/RHSA_2009_1438.nasl
2009-09-09 Name : RedHat Security Advisory RHSA-2009:1239
File : nvt/RHSA_2009_1239.nasl
2009-09-09 Name : RedHat Security Advisory RHSA-2009:1243
File : nvt/RHSA_2009_1243.nasl
2009-09-02 Name : RedHat Security Advisory RHSA-2009:1222
File : nvt/RHSA_2009_1222.nasl
2009-09-02 Name : RedHat Security Advisory RHSA-2009:1223
File : nvt/RHSA_2009_1223.nasl
2009-09-02 Name : RedHat Security Advisory RHSA-2009:1233
File : nvt/RHSA_2009_1233.nasl
2009-09-02 Name : Debian Security Advisory DSA 1862-1 (linux-2.6)
File : nvt/deb_1862_1.nasl
2009-09-02 Name : Debian Security Advisory DSA 1864-1 (linux-2.6.24)
File : nvt/deb_1864_1.nasl
2009-09-02 Name : Debian Security Advisory DSA 1865-1 (linux-2.6)
File : nvt/deb_1865_1.nasl
2009-09-02 Name : Debian Security Advisory DSA 1872-1 (linux-2.6)
File : nvt/deb_1872_1.nasl
2009-09-02 Name : Fedora Core 10 FEDORA-2009-8647 (kernel)
File : nvt/fcore_2009_8647.nasl
2009-09-02 Name : Fedora Core 11 FEDORA-2009-8649 (kernel)
File : nvt/fcore_2009_8649.nasl
2009-09-02 Name : Fedora Core 11 FEDORA-2009-8684 (kernel)
File : nvt/fcore_2009_8684.nasl
2009-09-02 Name : Fedora Core 11 FEDORA-2009-9044 (kernel)
File : nvt/fcore_2009_9044.nasl
2009-09-02 Name : Mandrake Security Advisory MDVSA-2009:205 (kernel)
File : nvt/mdksa_2009_205.nasl
2009-09-02 Name : CentOS Security Advisory CESA-2009:1222 (kernel)
File : nvt/ovcesa2009_1222.nasl
2009-09-02 Name : CentOS Security Advisory CESA-2009:1223 (kernel)
File : nvt/ovcesa2009_1223.nasl
2009-09-02 Name : CentOS Security Advisory CESA-2009:1233 (kernel)
File : nvt/ovcesa2009_1233.nasl
2009-09-02 Name : SuSE Security Advisory SUSE-SA:2009:045 (kernel)
File : nvt/suse_sa_2009_045.nasl
2009-08-17 Name : RedHat Security Advisory RHSA-2009:1193
File : nvt/RHSA_2009_1193.nasl
2009-08-17 Name : Debian Security Advisory DSA 1844-1 (linux-2.6.24)
File : nvt/deb_1844_1.nasl
2009-08-17 Name : Debian Security Advisory DSA 1845-1 (linux-2.6)
File : nvt/deb_1845_1.nasl
2009-08-17 Name : Fedora Core 11 FEDORA-2009-8144 (kernel)
File : nvt/fcore_2009_8144.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8264 (kernel)
File : nvt/fcore_2009_8264.nasl
2009-08-17 Name : CentOS Security Advisory CESA-2009:1193 (kernel)
File : nvt/ovcesa2009_1193.nasl
2009-07-29 Name : RedHat Security Advisory RHSA-2009:1157
File : nvt/RHSA_2009_1157.nasl
2009-07-29 Name : SuSE Security Advisory SUSE-SA:2009:038 (kernel)
File : nvt/suse_sa_2009_038.nasl
2009-07-15 Name : Mandrake Security Advisory MDVSA-2009:148 (kernel)
File : nvt/mdksa_2009_148.nasl
2009-07-06 Name : RedHat Security Advisory RHSA-2009:1132
File : nvt/RHSA_2009_1132.nasl
2009-06-30 Name : Fedora Core 11 FEDORA-2009-6768 (kernel)
File : nvt/fcore_2009_6768.nasl
2009-06-30 Name : Fedora Core 9 FEDORA-2009-6846 (kernel)
File : nvt/fcore_2009_6846.nasl
2009-06-30 Name : Fedora Core 10 FEDORA-2009-6883 (kernel)
File : nvt/fcore_2009_6883.nasl
2009-06-23 Name : Mandrake Security Advisory MDVSA-2009:135 (kernel)
File : nvt/mdksa_2009_135.nasl
2009-06-09 Name : SuSE Security Advisory SUSE-SA:2009:030 (kernel)
File : nvt/suse_sa_2009_030.nasl
2009-06-09 Name : SuSE Security Advisory SUSE-SA:2009:031 (kernel)
File : nvt/suse_sa_2009_031.nasl
2009-06-09 Name : SuSE Security Advisory SUSE-SA:2009:032 (kernel)
File : nvt/suse_sa_2009_032.nasl
2009-06-05 Name : RedHat Security Advisory RHSA-2009:1077
File : nvt/RHSA_2009_1077.nasl
2009-06-05 Name : Fedora Core 10 FEDORA-2009-5356 (kernel)
File : nvt/fcore_2009_5356.nasl
2009-06-05 Name : Mandrake Security Advisory MDVSA-2009:119 (kernel)
File : nvt/mdksa_2009_119.nasl
2009-06-05 Name : Ubuntu USN-698-3 (nagios2)
File : nvt/ubuntu_698_3.nasl
2009-06-05 Name : Ubuntu USN-776-2 (kvm)
File : nvt/ubuntu_776_2.nasl
2009-05-25 Name : Debian Security Advisory DSA 1800-1 (linux-2.6)
File : nvt/deb_1800_1.nasl
2009-05-20 Name : RedHat Security Advisory RHSA-2009:1024
File : nvt/RHSA_2009_1024.nasl
2009-05-11 Name : RedHat Security Advisory RHSA-2009:0473
File : nvt/RHSA_2009_0473.nasl
2009-05-11 Name : Debian Security Advisory DSA 1794-1 (linux-2.6)
File : nvt/deb_1794_1.nasl
2009-05-11 Name : CentOS Security Advisory CESA-2009:0473 (kernel)
File : nvt/ovcesa2009_0473.nasl
2009-05-05 Name : RedHat Security Advisory RHSA-2009:0451
File : nvt/RHSA_2009_0451.nasl
2009-05-05 Name : Debian Security Advisory DSA 1787-1 (linux-2.6.24)
File : nvt/deb_1787_1.nasl
2009-04-09 Name : Mandriva Update for kernel MDVSA-2008:234 (kernel)
File : nvt/gb_mandriva_MDVSA_2008_234.nasl
2009-03-23 Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1
File : nvt/gb_ubuntu_USN_679_1.nasl
2009-03-02 Name : RedHat Security Advisory RHSA-2009:0021
File : nvt/RHSA_2009_0021.nasl
2009-02-13 Name : Fedora Update for kernel FEDORA-2008-11593
File : nvt/gb_fedora_2008_11593_kernel_fc10.nasl
2009-02-13 Name : Fedora Update for kernel FEDORA-2008-11618
File : nvt/gb_fedora_2008_11618_kernel_fc9.nasl
2009-02-10 Name : RedHat Security Advisory RHSA-2009:0053
File : nvt/RHSA_2009_0053.nasl
2009-02-02 Name : Mandrake Security Advisory MDVSA-2009:032 (kernel)
File : nvt/mdksa_2009_032.nasl
2009-02-02 Name : Ubuntu USN-715-1 (linux)
File : nvt/ubuntu_715_1.nasl
2009-01-26 Name : RedHat Security Advisory RHSA-2009:0009
File : nvt/RHSA_2009_0009.nasl
2009-01-26 Name : RedHat Security Advisory RHSA-2009:0225
File : nvt/RHSA_2009_0225.nasl
2009-01-26 Name : SuSE Security Advisory SUSE-SA:2009:004 (kernel)
File : nvt/suse_sa_2009_004.nasl
2009-01-20 Name : RedHat Security Advisory RHSA-2009:0014
File : nvt/RHSA_2009_0014.nasl
2009-01-20 Name : CentOS Security Advisory CESA-2009:0014 (kernel)
File : nvt/ovcesa2009_0014.nasl
2009-01-20 Name : SuSE Security Advisory SUSE-SA:2009:003 (kernel-debug)
File : nvt/suse_sa_2009_003.nasl
2008-12-23 Name : Debian Security Advisory DSA 1687-1 (linux-2.6)
File : nvt/deb_1687_1.nasl
2008-12-10 Name : Debian Security Advisory DSA 1681-1 (linux-2.6.24)
File : nvt/deb_1681_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-230-01 kernel
File : nvt/esoft_slk_ssa_2009_230_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
59654 Linux Kernel fs/pipe.c Multiple Function Locking Error NULL Dereference Local...

Linux Kernel 2.6.x contains a flaw that may allow a local denial of service or privilege escalation. The issue is triggered within the "pipe_rdwr_open()", "pipe_write_open()", and "pipe_read_open()" functions in "fs/pipe.c". This can be exploited to cause a NULL pointer deference by performing certain pipe operations.
57462 Linux Kernel net/ipv*/udp.c MSG_MORE Flag Local Privilege Escalation
57428 Linux Kernel proto_ops .getname Function Arbitrary Kernel Memory Disclosure
57264 Linux Kernel execve Function current->clear_child_tid Pointer Handling Loc...
56992 Linux Kernel Multiple Protocol proto_ops() Initialization NULL Dereference Lo...

Linux kernel contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the kernel fails to initialize all function pointers for socket operations in proto_ops structures, allowing local users to trigger a null pointer dereference. This flaw may lead to a loss of integrity.
55807 Linux Kernel PER_CLEAR_ON_SETID Mask Local Security Restriction Bypass
54892 Linux Kernel e1000 drivers/net/e1000/e1000_main.c e1000_clean_rx_irq Function...
53629 Linux Kernel kernel/exit.c exit_notify() Function CAP_KILL Capability Local P...
50272 Linux Kernel sendmsg() Socket Operation Garbage Collector Local DoS
49946 Linux Kernel net/core/scm.c __scm_destroy Function SCM_RIGHTS Message Handlin...

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0009.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0017.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0023.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2009-0033.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0473.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1132.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1193.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1222.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1223.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1233.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1438.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2013-03-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091103_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0021.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1077.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1457.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1466.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1469.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1587.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1588.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1672.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0079.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090114_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090210_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090507_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090630_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090808_kernel_for_SL_5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090824_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090827_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091103_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091103_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5927.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6236.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6437.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6460.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6636.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-090708.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-119.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-148.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-329.nasl - Type : ACT_GATHER_INFO
2010-06-28 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0010.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-03-05 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1844.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1845.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1862.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1864.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1865.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1872.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1915.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1927.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1928.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1929.nasl - Type : ACT_GATHER_INFO
2010-02-16 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-100203.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0473.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1222.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1243.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1438.nasl - Type : ACT_GATHER_INFO
2010-01-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_kernel-091218.nasl - Type : ACT_GATHER_INFO
2009-12-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-864-1.nasl - Type : ACT_GATHER_INFO
2009-12-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-091123.nasl - Type : ACT_GATHER_INFO
2009-12-01 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-091123.nasl - Type : ACT_GATHER_INFO
2009-11-23 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12541.nasl - Type : ACT_GATHER_INFO
2009-11-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6632.nasl - Type : ACT_GATHER_INFO
2009-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11032.nasl - Type : ACT_GATHER_INFO
2009-11-06 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11038.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO
2009-11-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO
2009-11-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-091015.nasl - Type : ACT_GATHER_INFO
2009-11-02 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-091016.nasl - Type : ACT_GATHER_INFO
2009-10-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-289.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-852-1.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-6440.nasl - Type : ACT_GATHER_INFO
2009-10-05 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10165.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12487.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-090527.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-090704.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-090709.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-090816.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-5924.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6237.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6439.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-6453.nasl - Type : ACT_GATHER_INFO
2009-09-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1438.nasl - Type : ACT_GATHER_INFO
2009-09-15 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-233.nasl - Type : ACT_GATHER_INFO
2009-09-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1243.nasl - Type : ACT_GATHER_INFO
2009-08-31 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1233.nasl - Type : ACT_GATHER_INFO
2009-08-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1233.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote Fedora host is missing a security update.
File : fedora_2009-9044.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-090814.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-090816.nasl - Type : ACT_GATHER_INFO
2009-08-25 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1223.nasl - Type : ACT_GATHER_INFO
2009-08-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1222.nasl - Type : ACT_GATHER_INFO
2009-08-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1223.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-230-01.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-205.nasl - Type : ACT_GATHER_INFO
2009-08-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-819-1.nasl - Type : ACT_GATHER_INFO
2009-08-18 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8647.nasl - Type : ACT_GATHER_INFO
2009-08-18 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8649.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8144.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Fedora host is missing a security update.
File : fedora_2009-8264.nasl - Type : ACT_GATHER_INFO
2009-08-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO
2009-07-29 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-807-1.nasl - Type : ACT_GATHER_INFO
2009-07-24 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-090709.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-090114.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kernel-090602.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kernel-090527.nasl - Type : ACT_GATHER_INFO
2009-07-02 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-793-1.nasl - Type : ACT_GATHER_INFO
2009-07-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1132.nasl - Type : ACT_GATHER_INFO
2009-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2009-6768.nasl - Type : ACT_GATHER_INFO
2009-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2009-6846.nasl - Type : ACT_GATHER_INFO
2009-06-25 Name : The remote Fedora host is missing a security update.
File : fedora_2009-6883.nasl - Type : ACT_GATHER_INFO
2009-06-18 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-135.nasl - Type : ACT_GATHER_INFO
2009-06-09 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-6274.nasl - Type : ACT_GATHER_INFO
2009-05-26 Name : The remote Fedora host is missing a security update.
File : fedora_2009-5356.nasl - Type : ACT_GATHER_INFO
2009-05-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1024.nasl - Type : ACT_GATHER_INFO
2009-05-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1800.nasl - Type : ACT_GATHER_INFO
2009-05-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1794.nasl - Type : ACT_GATHER_INFO
2009-05-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0473.nasl - Type : ACT_GATHER_INFO
2009-05-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1787.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11593.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-234.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-032.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-679-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-714-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-715-1.nasl - Type : ACT_GATHER_INFO
2009-01-22 Name : The remote openSUSE host is missing a security update.
File : suse_kernel-5920.nasl - Type : ACT_GATHER_INFO
2009-01-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0225.nasl - Type : ACT_GATHER_INFO
2009-01-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO
2008-12-26 Name : The remote Fedora host is missing a security update.
File : fedora_2008-11618.nasl - Type : ACT_GATHER_INFO
2008-12-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1687.nasl - Type : ACT_GATHER_INFO
2008-12-05 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1681.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:07:16
  • Multiple Updates