Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | VMware ESXi and ESX updates to third party libraries and ESX Service Console |
| Informations | |||
|---|---|---|---|
| Name | VMSA-2011-0012 | First vendor Publication | 2011-10-12 |
| Vendor | VMware | Last vendor Modification | 2012-03-08 |
| Severity (Vendor) | N/A | Revision | 3 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 7.9 | Attack Range | Network |
| Cvss Impact Score | 9.2 | Attack Complexity | Medium |
| Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| a. ESX third party update for Service Console kernel This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4158, CVE-2010-4161, CVE-2010-4238, CVE-2010-4242, CVE-2010-4243, CVE-2010-4247, CVE-2010-4248, CVE-2010-4249, CVE-2010-4251, CVE-2010-4255, CVE-2010-4263, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4655, CVE-2011-0521, CVE-2011-0710, CVE-2011-1010, CVE-2011-1090 and CVE-2011-1478 to these issues. b. ESX third party update for Service Console krb5 RPMs This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1, which resolves multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1323, CVE-2011-0281, and CVE-2011-0282 to these issues. c. ESXi and ESX update to third party component glibc The glibc third-party library is updated to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0296, CVE-2011-0536, CVE-2011-1071, CVE-2011-1095, CVE-2011-1658, and CVE-2011-1659 to these issues. d. ESX update to third party drivers mptsas, mpt2sas, and mptspi The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas driver. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1494 and CVE-2011-1495 to these issues. |
Original Source
| Url : http://www.vmware.com/security/advisories/VMSA-2011-0012.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 18 % | CWE-200 | Information Exposure |
| 14 % | CWE-399 | Resource Management Errors |
| 8 % | CWE-476 | NULL Pointer Dereference |
| 8 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 8 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 8 % | CWE-20 | Improper Input Validation |
| 6 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 6 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 4 % | CWE-665 | Improper Initialization |
| 4 % | CWE-362 | Race Condition |
| 4 % | CWE-310 | Cryptographic Issues |
| 4 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
| 2 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 2 % | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory Leak') |
| 2 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10831 | |||
| Oval ID: | oval:org.mitre.oval:def:10831 | ||
| Title: | The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). | ||
| Description: | The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1083 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12121 | |||
| Oval ID: | oval:org.mitre.oval:def:12121 | ||
| Title: | HP-UX Running Kerberos, Remote Unauthorized Modification. | ||
| Description: | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1323 | Version: | 12 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12131 | |||
| Oval ID: | oval:org.mitre.oval:def:12131 | ||
| Title: | DSA-2129-1 krb5 -- checksum verification weakness | ||
| Description: | A vulnerability has been found in krb5, the MIT implementation of Kerberos. MIT krb5 clients incorrectly accept an unkeyed checksums in the SAM-2 preauthentication challenge: An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some circumstances, this can negate the incremental security benefit of using a single-use authentication mechanism token. MIT krb5 incorrectly accepts RFC 3961 key-derivation checksums using RC4 keys when verifying KRB-SAFE messages: An unauthenticated remote attacker has a 1/256 chance of forging KRB-SAFE messages in an application protocol if the targeted pre-existing session uses an RC4 session key. Few application protocols use KRB-SAFE messages. The Common Vulnerabilities and Exposures project has assigned CVE-2010-1323 to these issues. For the stable distribution, these problems have been fixed in version 1.6.dfsg.4~beta1-5lenny6. The builds for the mips architecture are not included in this advisory. They will be released as soon as they are available. For the testing distribution and the unstable distribution, these problem have been fixed in version 1.8.3+dfsg-3. We recommend that you upgrade your krb5 packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2129-1 CVE-2010-1323 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12272 | |||
| Oval ID: | oval:org.mitre.oval:def:12272 | ||
| Title: | VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1095 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.0 VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12770 | |||
| Oval ID: | oval:org.mitre.oval:def:12770 | ||
| Title: | USN-1074-1 -- linux-fsl-imx51 vulnerabilities | ||
| Description: | Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1074-1 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2240 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2803 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2959 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3861 CVE-2010-3904 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
| Platform(s): | Ubuntu 9.10 | Product(s): | linux-fsl-imx51 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:12853 | |||
| Oval ID: | oval:org.mitre.oval:def:12853 | ||
| Title: | VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1071 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.0 VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12874 | |||
| Oval ID: | oval:org.mitre.oval:def:12874 | ||
| Title: | DSA-2153-1 linux-2.6 -- privilege escalation/denial of service/information leak | ||
| Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0435 Gleb Napatov reported an issue in the KVM subsystem that allows virtual machines to cause a denial of service of the host machine by executing mov to/from DR instructions. CVE-2010-3699 Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can cause a denial of service on the host by retaining a leaked reference to a device. This can result in a zombie domain, xenwatch process hangs, and xm command failures. CVE-2010-4158 Dan Rosenberg discovered an issue in the socket filters subsystem, allowing local unprivileged users to obtain the contents of sensitive kernel memory. CVE-2010-4162 Dan Rosenberg discovered an overflow issue in the block I/O subsystem that allows local users to map large numbers of pages, resulting in a denial of service due to invocation of the out of memory killer. CVE-2010-4163 Dan Rosenberg discovered an issue in the block I/O subsystem. Due to improper validation of iov segments, local users can trigger a kernel panic resulting in a denial of service. CVE-2010-4242 Alan Cox reported an issue in the Bluetooth subsystem. Local users with sufficient permission to access HCI UART devices can cause a denial of service due to a missing check for an existing tty write operation. CVE-2010-4243 Brad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users can cause the out of memory killer to kill processes owned by other users. CVE-2010-4248 Oleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local users can cause a denial of service due to incorrect assumptions about thread group leader behavior. CVE-2010-4249 Vegard Nossum reported an issue with the UNIX socket garbage collector. Local users can consume all of LOWMEM and decrease system performance by overloading the system with inflight sockets. CVE-2010-4258 Nelson Elhage reported an issue in Linux oops handling. Local users may be able to obtain elevated privileges if they are able to trigger an oops with a process" fs set to KERNEL_DS. CVE-2010-4342 Nelson Elhage reported an issue in the econet protocol. Remote attackers can cause a denial of service by sending an Acorn Universal Networking packet over UDP. CVE-2010-4346 Tavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service vulnerability, a local user could obtain elevated privileges. CVE-2010-4526 Eugene Teo reported a race condition in the Linux SCTP implementation. Remote users can cause a denial of service by transmitting an ICMP unreachable message to a locked socket. CVE-2010-4527 Dan Rosenberg reported two issues in the OSS soundcard driver. Local users with access to the device may contain access to sensitive kernel memory or cause a buffer overflow, potentially leading to an escalation of privileges. CVE-2010-4529 Dan Rosenberg reported an issue in the Linux kernel IrDA socket implementation on non-x86 architectures. Local users may be able to gain access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES getsockopt call. CVE-2010-4565 Dan Rosenberg reported an issue in the Linux CAN protocol implementation. Local users can obtain the address of a kernel heap object which might help facilitate system exploitation. CVE-2010-4649 Dan Carpenter reported an issue in the uverb handling of the InfiniBand subsystem. A potential buffer overflow may allow local users to cause a denial of service by passing in a large cmd.ne value. CVE-2010-4656 Kees Cook reported an issue in the driver for I/O-Warrior USB devices. Local users with access to these devices maybe able to overrun kernel buffers, resulting in a denial of service or privilege escalation. CVE-2010-4668 Dan Rosenberg reported an issue in the block subsystem. A local user can cause a denial of service by submitting certain 0-length I/O requests. CVE-2011-0521 Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local users can pass a negative info->num value, corrupting kernel memory and causing a denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2153-1 CVE-2010-0435 CVE-2010-3699 CVE-2010-4158 CVE-2010-4162 CVE-2010-4163 CVE-2010-4242 CVE-2010-4243 CVE-2010-4248 CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4526 CVE-2010-4527 CVE-2010-4529 CVE-2010-4565 CVE-2010-4649 CVE-2010-4656 CVE-2010-4668 CVE-2011-0521 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13086 | |||
| Oval ID: | oval:org.mitre.oval:def:13086 | ||
| Title: | VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0536 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13363 | |||
| Oval ID: | oval:org.mitre.oval:def:13363 | ||
| Title: | USN-1074-2 -- linux-fsl-imx51 vulnerabilities | ||
| Description: | USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. Neil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. David Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9.10 was affected. Bob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Eric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Sergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. Tavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. Brad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. Ubuntu 10.10 was not affected. Kees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. Toshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. Tavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. Tavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. Dan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. Thomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Dan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. Dan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Dave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-1074-2 CVE-2010-3904 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3301 CVE-2010-3081 CVE-2009-4895 CVE-2010-2066 CVE-2010-2226 CVE-2010-2248 CVE-2010-2478 CVE-2010-3084 CVE-2010-2495 CVE-2010-2521 CVE-2010-2524 CVE-2010-2538 CVE-2010-2798 CVE-2010-2942 CVE-2010-3477 CVE-2010-2943 CVE-2010-2946 CVE-2010-2954 CVE-2010-2955 CVE-2010-2962 CVE-2010-2963 CVE-2010-3015 CVE-2010-3067 CVE-2010-3078 CVE-2010-3079 CVE-2010-3080 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3698 CVE-2010-3705 CVE-2010-3858 CVE-2010-3861 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4165 CVE-2010-4169 CVE-2010-4249 | Version: | 5 |
| Platform(s): | Ubuntu 10.04 | Product(s): | linux-fsl-imx51 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19610 | |||
| Oval ID: | oval:org.mitre.oval:def:19610 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0521 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19613 | |||
| Oval ID: | oval:org.mitre.oval:def:19613 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0536 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19627 | |||
| Oval ID: | oval:org.mitre.oval:def:19627 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1478 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19636 | |||
| Oval ID: | oval:org.mitre.oval:def:19636 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3858 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19654 | |||
| Oval ID: | oval:org.mitre.oval:def:19654 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0536 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19882 | |||
| Oval ID: | oval:org.mitre.oval:def:19882 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape sequence, as demonstrated by a \n sequence. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0281 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19888 | |||
| Oval ID: | oval:org.mitre.oval:def:19888 | ||
| Title: | VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console | ||
| Description: | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1323 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19899 | |||
| Oval ID: | oval:org.mitre.oval:def:19899 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1659 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19965 | |||
| Oval ID: | oval:org.mitre.oval:def:19965 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4263 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19982 | |||
| Oval ID: | oval:org.mitre.oval:def:19982 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4073 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20057 | |||
| Oval ID: | oval:org.mitre.oval:def:20057 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3442 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20098 | |||
| Oval ID: | oval:org.mitre.oval:def:20098 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3067 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20099 | |||
| Oval ID: | oval:org.mitre.oval:def:20099 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1095 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20124 | |||
| Oval ID: | oval:org.mitre.oval:def:20124 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when an Intel platform without Extended Page Tables (EPT) functionality is used, accesses VMCS fields without verifying hardware support for these fields, which allows local users to cause a denial of service (host OS crash) by requesting a VMCS dump for a fully virtualized Xen guest. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2938 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20132 | |||
| Oval ID: | oval:org.mitre.oval:def:20132 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1323 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20153 | |||
| Oval ID: | oval:org.mitre.oval:def:20153 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2492 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20184 | |||
| Oval ID: | oval:org.mitre.oval:def:20184 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2798 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20228 | |||
| Oval ID: | oval:org.mitre.oval:def:20228 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2942 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20247 | |||
| Oval ID: | oval:org.mitre.oval:def:20247 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4255 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20279 | |||
| Oval ID: | oval:org.mitre.oval:def:20279 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue to CVE-2010-4158. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4161 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20281 | |||
| Oval ID: | oval:org.mitre.oval:def:20281 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4248 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20304 | |||
| Oval ID: | oval:org.mitre.oval:def:20304 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4655 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20307 | |||
| Oval ID: | oval:org.mitre.oval:def:20307 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4238 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20313 | |||
| Oval ID: | oval:org.mitre.oval:def:20313 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The __nfs4_proc_set_acl function in fs/nfs/nfs4proc.c in the Linux kernel before 2.6.38 stores NFSv4 ACL data in memory that is allocated by kmalloc but not properly freed, which allows local users to cause a denial of service (panic) via a crafted attempt to set an ACL. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1090 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20348 | |||
| Oval ID: | oval:org.mitre.oval:def:20348 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4346 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20361 | |||
| Oval ID: | oval:org.mitre.oval:def:20361 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1071 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20372 | |||
| Oval ID: | oval:org.mitre.oval:def:20372 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that triggers a page fault. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3086 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20373 | |||
| Oval ID: | oval:org.mitre.oval:def:20373 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-2943 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20378 | |||
| Oval ID: | oval:org.mitre.oval:def:20378 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4158 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20379 | |||
| Oval ID: | oval:org.mitre.oval:def:20379 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3876 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20393 | |||
| Oval ID: | oval:org.mitre.oval:def:20393 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0296 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20402 | |||
| Oval ID: | oval:org.mitre.oval:def:20402 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1658 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20404 | |||
| Oval ID: | oval:org.mitre.oval:def:20404 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1495 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20410 | |||
| Oval ID: | oval:org.mitre.oval:def:20410 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1010 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20420 | |||
| Oval ID: | oval:org.mitre.oval:def:20420 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1071 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20421 | |||
| Oval ID: | oval:org.mitre.oval:def:20421 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4251 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20430 | |||
| Oval ID: | oval:org.mitre.oval:def:20430 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1659 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20436 | |||
| Oval ID: | oval:org.mitre.oval:def:20436 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4072 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20441 | |||
| Oval ID: | oval:org.mitre.oval:def:20441 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3865 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20450 | |||
| Oval ID: | oval:org.mitre.oval:def:20450 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3015 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20452 | |||
| Oval ID: | oval:org.mitre.oval:def:20452 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3477 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20463 | |||
| Oval ID: | oval:org.mitre.oval:def:20463 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause a denial of service (NULL pointer dereference) via a crafted io_submit system call with an IOCB_FLAG_RESFD flag. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3066 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20464 | |||
| Oval ID: | oval:org.mitre.oval:def:20464 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3432 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20468 | |||
| Oval ID: | oval:org.mitre.oval:def:20468 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4247 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20477 | |||
| Oval ID: | oval:org.mitre.oval:def:20477 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0282 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20480 | |||
| Oval ID: | oval:org.mitre.oval:def:20480 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4242 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20490 | |||
| Oval ID: | oval:org.mitre.oval:def:20490 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3699 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20503 | |||
| Oval ID: | oval:org.mitre.oval:def:20503 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4243 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20509 | |||
| Oval ID: | oval:org.mitre.oval:def:20509 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3296 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20514 | |||
| Oval ID: | oval:org.mitre.oval:def:20514 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1658 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20517 | |||
| Oval ID: | oval:org.mitre.oval:def:20517 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4157 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20523 | |||
| Oval ID: | oval:org.mitre.oval:def:20523 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4075 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20530 | |||
| Oval ID: | oval:org.mitre.oval:def:20530 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1495 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20539 | |||
| Oval ID: | oval:org.mitre.oval:def:20539 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-0710 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20540 | |||
| Oval ID: | oval:org.mitre.oval:def:20540 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3904 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20553 | |||
| Oval ID: | oval:org.mitre.oval:def:20553 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3880 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20569 | |||
| Oval ID: | oval:org.mitre.oval:def:20569 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4080 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20570 | |||
| Oval ID: | oval:org.mitre.oval:def:20570 | ||
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console | ||
| Description: | Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1494 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20577 | |||
| Oval ID: | oval:org.mitre.oval:def:20577 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1494 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 VMWare ESX Server 3.5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20584 | |||
| Oval ID: | oval:org.mitre.oval:def:20584 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3859 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20586 | |||
| Oval ID: | oval:org.mitre.oval:def:20586 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-0296 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20592 | |||
| Oval ID: | oval:org.mitre.oval:def:20592 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3877 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20595 | |||
| Oval ID: | oval:org.mitre.oval:def:20595 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-3078 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20600 | |||
| Oval ID: | oval:org.mitre.oval:def:20600 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4343 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20611 | |||
| Oval ID: | oval:org.mitre.oval:def:20611 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4249 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20621 | |||
| Oval ID: | oval:org.mitre.oval:def:20621 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4081 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20627 | |||
| Oval ID: | oval:org.mitre.oval:def:20627 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4526 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20628 | |||
| Oval ID: | oval:org.mitre.oval:def:20628 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-1083 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20638 | |||
| Oval ID: | oval:org.mitre.oval:def:20638 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2011-1095 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20936 | |||
| Oval ID: | oval:org.mitre.oval:def:20936 | ||
| Title: | RHSA-2011:0200: krb5 security update (Important) | ||
| Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0200-01 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 | Version: | 42 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21331 | |||
| Oval ID: | oval:org.mitre.oval:def:21331 | ||
| Title: | RHSA-2011:0413: glibc security update (Important) | ||
| Description: | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0413-01 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 | Version: | 68 |
| Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21743 | |||
| Oval ID: | oval:org.mitre.oval:def:21743 | ||
| Title: | RHSA-2011:0163: kernel security and bug fix update (Important) | ||
| Description: | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0163-01 CESA-2011:0163 CVE-2010-4526 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21814 | |||
| Oval ID: | oval:org.mitre.oval:def:21814 | ||
| Title: | RHSA-2011:0199: krb5 security update (Important) | ||
| Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0199-01 CESA-2011:0199 CVE-2011-0281 CVE-2011-0282 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21873 | |||
| Oval ID: | oval:org.mitre.oval:def:21873 | ||
| Title: | RHSA-2011:0412: glibc security update (Important) | ||
| Description: | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2011:0412-01 CESA-2011:0412 CVE-2010-0296 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 | Version: | 81 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22159 | |||
| Oval ID: | oval:org.mitre.oval:def:22159 | ||
| Title: | RHSA-2010:0839: kernel security and bug fix update (Moderate) | ||
| Description: | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0839-01 CESA-2010:0839 CVE-2010-3066 CVE-2010-3067 CVE-2010-3078 CVE-2010-3086 CVE-2010-3448 CVE-2010-3477 | Version: | 81 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22250 | |||
| Oval ID: | oval:org.mitre.oval:def:22250 | ||
| Title: | RHSA-2010:0926: krb5 security update (Moderate) | ||
| Description: | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0926-01 CESA-2010:0926 CVE-2010-1323 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22659 | |||
| Oval ID: | oval:org.mitre.oval:def:22659 | ||
| Title: | ELSA-2011:0200: krb5 security update (Important) | ||
| Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0200-01 CVE-2010-4022 CVE-2011-0281 CVE-2011-0282 | Version: | 17 |
| Platform(s): | Oracle Linux 6 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22784 | |||
| Oval ID: | oval:org.mitre.oval:def:22784 | ||
| Title: | ELSA-2010:0926: krb5 security update (Moderate) | ||
| Description: | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that (1) are unkeyed or (2) use RC4 keys. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0926-01 CVE-2010-1323 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23052 | |||
| Oval ID: | oval:org.mitre.oval:def:23052 | ||
| Title: | ELSA-2011:0412: glibc security update (Important) | ||
| Description: | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0412-01 CVE-2010-0296 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 | Version: | 29 |
| Platform(s): | Oracle Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23219 | |||
| Oval ID: | oval:org.mitre.oval:def:23219 | ||
| Title: | ELSA-2011:0199: krb5 security update (Important) | ||
| Description: | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0199-01 CVE-2011-0281 CVE-2011-0282 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23373 | |||
| Oval ID: | oval:org.mitre.oval:def:23373 | ||
| Title: | ELSA-2011:0413: glibc security update (Important) | ||
| Description: | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011:0413-01 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 | Version: | 25 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27240 | |||
| Oval ID: | oval:org.mitre.oval:def:27240 | ||
| Title: | ELSA-2010-2009 -- Oracle Linux 5 Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-2009 CVE-2010-3477 CVE-2010-3904 CVE-2010-3067 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27432 | |||
| Oval ID: | oval:org.mitre.oval:def:27432 | ||
| Title: | DEPRECATED: ELSA-2011-0413 -- glibc security update (important) | ||
| Description: | [2.12-1.7.el6_0.5] - Avoid too much stack use in fnmatch (#681054, CVE-2011-1071) - Properly quote output of locale (#625893, CVE-2011-1095) - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged (#667974, CVE-2011-0536) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0413 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27587 | |||
| Oval ID: | oval:org.mitre.oval:def:27587 | ||
| Title: | ELSA-2010-2008 -- Unbreakable enterprise kernel security update (important) | ||
| Description: | [2.6.32-100.20.1.el5] - [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner) - [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943} - [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942} - [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-2008 CVE-2010-2942 CVE-2010-2943 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel kernel-debug kernel-debug-devel kernel-devel kernel-doc kernel-firmware kernel-headers ofa |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27793 | |||
| Oval ID: | oval:org.mitre.oval:def:27793 | ||
| Title: | ELSA-2011-2016 -- Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | A [2.6.32-100.28.17.el6] - [net] Extend prot->slab size when add sock extend fields. [2.6.32-100.28.16.el6] - kernel: Fix unlimited socket backlog DoS {CVE-2010-4251} - RDS: Fix congestion issues for loopback - rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023} - epoll: prevent creating circular epoll structures {CVE-2011-1082} - fs: fix corrupted OSF partition table parsing {CVE-2011-1163} - fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163} - netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170} - netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171} - ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172} - [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-2016 CVE-2010-4251 CVE-2011-1023 CVE-2011-1082 CVE-2011-1163 CVE-2011-1170 CVE-2011-1171 CVE-2011-1172 CVE-2011-1494 CVE-2011-1495 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27874 | |||
| Oval ID: | oval:org.mitre.oval:def:27874 | ||
| Title: | DEPRECATED: ELSA-2010-0723 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.18-194.17.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-0723 CVE-2010-1083 CVE-2010-2492 CVE-2010-2798 CVE-2010-2938 CVE-2010-2942 CVE-2010-2943 CVE-2010-3015 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27918 | |||
| Oval ID: | oval:org.mitre.oval:def:27918 | ||
| Title: | DEPRECATED: ELSA-2011-0412 -- glibc security update (important) | ||
| Description: | [2.5-58.el5_6.2] - Avoid too much stack use in fnmatch (#681054, CVE-2011-1071) - Properly quote output of locale (#625893, CVE-2011-1095) - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged (#667974, CVE-2011-0536) - Fix handling of newline in addmntent (#559579, CVE-2010-0296) [2.5-58.el5_6.1] - Don't ignore in libraries (#682991) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0412 CVE-2010-0296 CVE-2011-0536 CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | glibc |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28005 | |||
| Oval ID: | oval:org.mitre.oval:def:28005 | ||
| Title: | ELSA-2011-2014 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important) | ||
| Description: | [2.6.32-100.28.11.el6] - fs/partitions: Validate map_count in Mac partition tables {CVE-2011-1010} - nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3) {CVE-2011-1090} [2.6.32-100.28.10.el6] - Use cciss for some Smart Array controller for OL5 [orabug 11899706] - CVEs from RHSA-2011-0421 - install_special_mapping skips security_file_mmap check {CVE-2010-4346} - orinoco: fix TKIP countermeasure behaviour {CVE-2010-4648} - net: clear heap allocation for ethtool_get_regs() {CVE-2010-4655} - usb: iowarrior: don't trust report_size for buffer size {CVE-2010-4656} - [media] [v3,media] av7110: check for negative array offset {CVE-2011-0521} - RDMA/cma: Fix crash in request handlers {CVE-2011-0695} - IB/cm: Bump reference count on cm_id before invoking callback {CVE-2011-0695} - gro: reset skb_iif on reuse {CVE-2011-1478} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-2014 CVE-2010-4346 CVE-2010-4648 CVE-2010-4655 CVE-2010-4656 CVE-2011-0521 CVE-2011-0695 CVE-2011-1010 CVE-2011-1090 CVE-2011-1478 | Version: | 5 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel-uek ofa kernel-uek-debug kernel-uek-debug-devel kernel-uek-devel kernel-uek-doc kernel-uek-firmware kernel-uek-headers |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28010 | |||
| Oval ID: | oval:org.mitre.oval:def:28010 | ||
| Title: | DEPRECATED: ELSA-2011-0200 -- krb5 security update (important) | ||
| Description: | [1.8.2-3.4] - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, #671101) [1.8.2-3.3] - pull up crypto changes made between 1.8.2 and 1.8.3 to fix upstream #6751, assumed to already be there for the next fix - incorporate candidate patch to fix various issues from MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, #651962) [1.8.2-3.2] - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #644825, RT#6775) - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #644825, RT#6774) [1.8.2-3.1] - incorporate candidate patch to fix uninitialized pointer crash in the KDC (CVE-2010-1322, #636336) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0200 CVE-2010-4020 CVE-2010-4022 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2011-0281 CVE-2011-0282 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28117 | |||
| Oval ID: | oval:org.mitre.oval:def:28117 | ||
| Title: | DEPRECATED: ELSA-2011-0004 -- kernel security, bug fix, and enhancement update (important) | ||
| Description: | [2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919] - fix filp_close() race (Joe Jin) [orabug 10335998] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0004 CVE-2010-3432 CVE-2010-3442 CVE-2010-3699 CVE-2010-3858 CVE-2010-3859 CVE-2010-3865 CVE-2010-3876 CVE-2010-3880 CVE-2010-4083 CVE-2010-4157 CVE-2010-4161 CVE-2010-4242 CVE-2010-4247 CVE-2010-4248 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28143 | |||
| Oval ID: | oval:org.mitre.oval:def:28143 | ||
| Title: | DEPRECATED: ELSA-2011-0163 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.18-238.1.1.0.1.el5] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.1.1.el5] - [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [667141 665427] - [fs] gfs2: fix statfs error after gfs2_grow (Robert S Peterson) [666792 660661] - [mm] prevent file lock corruption using popen(3) (Larry Woodman) [667050 664931] - [net] sctp: fix panic from bad socket lock on icmp error (Neil Horman) [665476 665477] {CVE-2010-4526} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0163 CVE-2010-4526 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28149 | |||
| Oval ID: | oval:org.mitre.oval:def:28149 | ||
| Title: | DEPRECATED: ELSA-2011-0199 -- krb5 security update (important) | ||
| Description: | - add upstream patch to fix hang or crash in the KDC when using the LDAP kdb backend (CVE-2011-0281, CVE-2011-0282, #671096) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0199 CVE-2011-0281 CVE-2011-0282 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | krb5 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28175 | |||
| Oval ID: | oval:org.mitre.oval:def:28175 | ||
| Title: | DEPRECATED: ELSA-2011-0429 -- kernel security and bug fix update (important) | ||
| Description: | [2.6.18-238.9.1.0.1.el5] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0429 CVE-2010-4346 CVE-2011-0521 CVE-2011-0710 CVE-2011-1010 CVE-2011-1090 CVE-2011-1478 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28178 | |||
| Oval ID: | oval:org.mitre.oval:def:28178 | ||
| Title: | DEPRECATED: ELSA-2011-0283 -- kernel security, bug fix, and enhancement update (moderate) | ||
| Description: | [2.6.32-71.18.1.el6] - [netdrv] ixgbe: make sure FCoE DDP user buffers are really released by the HW (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: invalidate FCoE DDP context when no error status is available (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: avoid doing FCoE DDP when adapter is DOWN or RESETTING (Frantisek Hrbata) [674002 617193] - [fcoe] libfc: remove tgt_flags from fc_fcp_pkt struct (Mike Christie) [666797 633915] - [fcoe] libfc: use rport timeout values for fcp recovery (Frantisek Hrbata) [666797 633915] - [fcoe] libfc: incorrect scsi host byte codes returned to scsi-ml (Mike Christie) [666797 633915] - [scsi] scsi_dh_alua: fix overflow in alua_rtpg port group id check (Mike Snitzer) [673978 670572] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0283 CVE-2010-4165 CVE-2010-4169 CVE-2010-4243 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28199 | |||
| Oval ID: | oval:org.mitre.oval:def:28199 | ||
| Title: | DEPRECATED: ELSA-2011-0017 -- Oracle Linux 5.6 kernel security and bug fix update (important) | ||
| Description: | This update fixes the following security issues: * A NULL pointer dereference flaw was found in the igb driver in the Linux kernel. If both the Single Root I/O Virtualization (SR-IOV) feature and promiscuous mode were enabled on an interface using igb, it could result in a denial of service when a tagged VLAN packet is received on that interface. (CVE-2010-4263, Important) * A missing sanity check was found in vbd_create() in the Xen hypervisor implementation. As CD-ROM drives are not supported by the blkback back-end driver, attempting to use a virtual CD-ROM drive with blkback could trigger a denial of service (crash) on the host system running the Xen hypervisor. (CVE-2010-4238, Moderate) * A flaw was found in the Linux kernel execve() system call implementation. A local, unprivileged user could cause large amounts of memory to be allocated but not visible to the OOM (Out of Memory) killer, triggering a denial of service. (CVE-2010-4243, Moderate) * A flaw was found in fixup_page_fault() in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-4255, Moderate) * A missing initialization flaw was found in the bfa driver used by Brocade Fibre Channel Host Bus Adapters. A local, unprivileged user could use this flaw to cause a denial of service by reading a file in the "/sys/class/fc_host/host#/statistics/" directory. (CVE-2010-4343, Moderate) * Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158, Low) | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0017 CVE-2010-3296 CVE-2010-3877 CVE-2010-4072 CVE-2010-4073 CVE-2010-4075 CVE-2010-4080 CVE-2010-4081 CVE-2010-4158 CVE-2010-4238 CVE-2010-4243 CVE-2010-4255 CVE-2010-4263 CVE-2010-4343 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28217 | |||
| Oval ID: | oval:org.mitre.oval:def:28217 | ||
| Title: | DEPRECATED: ELSA-2010-0792 -- kernel security update (important) | ||
| Description: | [2.6.18-194.17.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-194.17.4.el5] - [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904} | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010-0792 CVE-2010-3904 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2011-09-05 | Linux Kernel < 2.6.36.2 Econet Privilege Escalation Exploit |
| 2010-10-19 | Linux RDS Protocol Local Privilege Escalation |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0206-1 (kernel) File : nvt/gb_suse_2012_0206_1.nasl |
| 2012-08-02 | Name : SuSE Update for kernel openSUSE-SU-2012:0236-1 (kernel) File : nvt/gb_suse_2012_0236_1.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2010:0936 centos4 x86_64 File : nvt/gb_CESA-2010_0936_kernel_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0004 centos5 x86_64 File : nvt/gb_CESA-2011_0004_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0162 centos4 x86_64 File : nvt/gb_CESA-2011_0162_kernel_centos4_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0163 centos5 x86_64 File : nvt/gb_CESA-2011_0163_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 x86_64 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64 File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2011:0412 centos5 x86_64 File : nvt/gb_CESA-2011_0412_glibc_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0429 centos5 x86_64 File : nvt/gb_CESA-2011_0429_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for kernel CESA-2011:0833 centos5 x86_64 File : nvt/gb_CESA-2011_0833_kernel_centos5_x86_64.nasl |
| 2012-07-30 | Name : CentOS Update for glibc CESA-2012:0125 centos4 File : nvt/gb_CESA-2012_0125_glibc_centos4.nasl |
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:0283-01 File : nvt/gb_RHSA-2011_0283-01_kernel.nasl |
| 2012-06-15 | Name : Fedora Update for krb5 FEDORA-2012-8805 File : nvt/gb_fedora_2012_8805_krb5_fc15.nasl |
| 2012-06-06 | Name : RedHat Update for glibc RHSA-2011:0413-01 File : nvt/gb_RHSA-2011_0413-01_glibc.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
| 2012-06-06 | Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01 File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl |
| 2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0836-01 File : nvt/gb_RHSA-2011_0836-01_kernel.nasl |
| 2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
| 2012-06-05 | Name : RedHat Update for krb5 RHSA-2011:0200-01 File : nvt/gb_RHSA-2011_0200-01_krb5.nasl |
| 2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
| 2012-03-15 | Name : VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates ... File : nvt/gb_VMSA-2011-0007.nasl |
| 2012-03-15 | Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser... File : nvt/gb_VMSA-2012-0001.nasl |
| 2012-03-12 | Name : Ubuntu Update for eglibc USN-1396-1 File : nvt/gb_ubuntu_USN_1396_1.nasl |
| 2012-02-21 | Name : RedHat Update for glibc RHSA-2012:0125-01 File : nvt/gb_RHSA-2012_0125-01_glibc.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-13 (mit-krb5) File : nvt/glsa_201201_13.nasl |
| 2012-02-01 | Name : Fedora Update for krb5 FEDORA-2011-16284 File : nvt/gb_fedora_2011_16284_krb5_fc15.nasl |
| 2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
| 2011-11-28 | Name : Mandriva Update for glibc MDVSA-2011:178 (glibc) File : nvt/gb_mandriva_MDVSA_2011_178.nasl |
| 2011-11-18 | Name : Fedora Update for krb5 FEDORA-2011-14650 File : nvt/gb_fedora_2011_14650_krb5_fc14.nasl |
| 2011-11-18 | Name : Fedora Update for krb5 FEDORA-2011-14673 File : nvt/gb_fedora_2011_14673_krb5_fc15.nasl |
| 2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
| 2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
| 2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
| 2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
| 2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
| 2011-09-23 | Name : RedHat Update for kernel RHSA-2011:1321-01 File : nvt/gb_RHSA-2011_1321-01_kernel.nasl |
| 2011-09-23 | Name : Ubuntu Update for linux-ti-omap4 USN-1212-1 File : nvt/gb_ubuntu_USN_1212_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
| 2011-08-27 | Name : Fedora Update for kernel FEDORA-2011-11103 File : nvt/gb_fedora_2011_11103_kernel_fc14.nasl |
| 2011-08-26 | Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) File : nvt/secpod_macosx_su11-001.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1183-1 File : nvt/gb_ubuntu_USN_1183_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux USN-1186-1 File : nvt/gb_ubuntu_USN_1186_1.nasl |
| 2011-08-12 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1187-1 File : nvt/gb_ubuntu_USN_1187_1.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2010:0723 centos5 i386 File : nvt/gb_CESA-2010_0723_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2010:0792 centos5 i386 File : nvt/gb_CESA-2010_0792_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2010:0839 centos5 i386 File : nvt/gb_CESA-2010_0839_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for krb5-devel CESA-2010:0926 centos5 i386 File : nvt/gb_CESA-2010_0926_krb5-devel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0004 centos5 i386 File : nvt/gb_CESA-2011_0004_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0163 centos5 i386 File : nvt/gb_CESA-2011_0163_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for krb5-devel CESA-2011:0199 centos5 i386 File : nvt/gb_CESA-2011_0199_krb5-devel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0303 centos5 i386 File : nvt/gb_CESA-2011_0303_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for glibc CESA-2011:0412 centos5 i386 File : nvt/gb_CESA-2011_0412_glibc_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0429 centos5 i386 File : nvt/gb_CESA-2011_0429_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2011:0833 centos5 i386 File : nvt/gb_CESA-2011_0833_kernel_centos5_i386.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2264-1 (linux-2.6) File : nvt/deb_2264_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux-mvl-dove USN-1159-1 File : nvt/gb_ubuntu_USN_1159_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux-ec2 USN-1161-1 File : nvt/gb_ubuntu_USN_1161_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1168-1 File : nvt/gb_ubuntu_USN_1168_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1170-1 File : nvt/gb_ubuntu_USN_1170_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux USN-1160-1 File : nvt/gb_ubuntu_USN_1160_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux-mvl-dove USN-1162-1 File : nvt/gb_ubuntu_USN_1162_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux-fsl-imx51 USN-1164-1 File : nvt/gb_ubuntu_USN_1164_1.nasl |
| 2011-06-24 | Name : Fedora Update for kernel FEDORA-2011-6447 File : nvt/gb_fedora_2011_6447_kernel_fc13.nasl |
| 2011-06-20 | Name : Fedora Update for kernel FEDORA-2011-7551 File : nvt/gb_fedora_2011_7551_kernel_fc14.nasl |
| 2011-06-10 | Name : Ubuntu Update for linux USN-1146-1 File : nvt/gb_ubuntu_USN_1146_1.nasl |
| 2011-06-06 | Name : RedHat Update for kernel RHSA-2011:0833-01 File : nvt/gb_RHSA-2011_0833-01_kernel.nasl |
| 2011-06-06 | Name : Ubuntu Update for linux USN-1141-1 File : nvt/gb_ubuntu_USN_1141_1.nasl |
| 2011-06-03 | Name : Ubuntu Update for linux USN-1133-1 File : nvt/gb_ubuntu_USN_1133_1.nasl |
| 2011-05-17 | Name : Fedora Update for kernel FEDORA-2011-6541 File : nvt/gb_fedora_2011_6541_kernel_fc14.nasl |
| 2011-05-12 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb512.nasl |
| 2011-05-10 | Name : Ubuntu Update for linux-source-2.6.15 USN-1111-1 File : nvt/gb_ubuntu_USN_1111_1.nasl |
| 2011-05-10 | Name : Ubuntu Update for linux-ti-omap4 USN-1119-1 File : nvt/gb_ubuntu_USN_1119_1.nasl |
| 2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
| 2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5343 File : nvt/gb_fedora_2011_5343_krb5_fc13.nasl |
| 2011-05-05 | Name : Fedora Update for krb5 FEDORA-2011-5345 File : nvt/gb_fedora_2011_5345_krb5_fc14.nasl |
| 2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
| 2011-04-19 | Name : RedHat Update for kernel RHSA-2011:0429-01 File : nvt/gb_RHSA-2011_0429-01_kernel.nasl |
| 2011-04-11 | Name : Ubuntu Update for linux vulnerabilities USN-1105-1 File : nvt/gb_ubuntu_USN_1105_1.nasl |
| 2011-04-06 | Name : RedHat Update for glibc RHSA-2011:0412-01 File : nvt/gb_RHSA-2011_0412-01_glibc.nasl |
| 2011-04-01 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1 File : nvt/gb_ubuntu_USN_1092_1.nasl |
| 2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3462 File : nvt/gb_fedora_2011_3462_krb5_fc14.nasl |
| 2011-03-25 | Name : Fedora Update for krb5 FEDORA-2011-3464 File : nvt/gb_fedora_2011_3464_krb5_fc13.nasl |
| 2011-03-24 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1 File : nvt/gb_ubuntu_USN_1089_1.nasl |
| 2011-03-24 | Name : Ubuntu Update for linux vulnerabilities USN-1090-1 File : nvt/gb_ubuntu_USN_1090_1.nasl |
| 2011-03-15 | Name : Fedora Update for kernel FEDORA-2011-2134 File : nvt/gb_fedora_2011_2134_kernel_fc13.nasl |
| 2011-03-15 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1 File : nvt/gb_ubuntu_USN_1086_1.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201011-01 (glibc) File : nvt/glsa_201011_01.nasl |
| 2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
| 2011-03-07 | Name : RedHat Update for kernel RHSA-2011:0303-01 File : nvt/gb_RHSA-2011_0303-01_kernel.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1080-1 File : nvt/gb_ubuntu_USN_1080_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2 File : nvt/gb_ubuntu_USN_1080_2.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux vulnerabilities USN-1081-1 File : nvt/gb_ubuntu_USN_1081_1.nasl |
| 2011-03-07 | Name : Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1 File : nvt/gb_ubuntu_USN_1083_1.nasl |
| 2011-02-28 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1 File : nvt/gb_ubuntu_USN_1071_1.nasl |
| 2011-02-28 | Name : Ubuntu Update for linux vulnerabilities USN-1072-1 File : nvt/gb_ubuntu_USN_1072_1.nasl |
| 2011-02-28 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1 File : nvt/gb_ubuntu_USN_1073_1.nasl |
| 2011-02-18 | Name : RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01 File : nvt/gb_RHSA-2011_0263-01_Red_Hat_Enterprise_Linux_4.9_kernel.nasl |
| 2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1210 File : nvt/gb_fedora_2011_1210_krb5_fc13.nasl |
| 2011-02-18 | Name : Fedora Update for krb5 FEDORA-2011-1225 File : nvt/gb_fedora_2011_1225_krb5_fc14.nasl |
| 2011-02-18 | Name : Mandriva Update for kernel MDVSA-2011:029 (kernel) File : nvt/gb_mandriva_MDVSA_2011_029.nasl |
| 2011-02-16 | Name : SuSE Update for kernel SUSE-SA:2011:008 File : nvt/gb_suse_2011_008.nasl |
| 2011-02-16 | Name : Ubuntu Update for krb5 vulnerabilities USN-1062-1 File : nvt/gb_ubuntu_USN_1062_1.nasl |
| 2011-02-11 | Name : RedHat Update for krb5 RHSA-2011:0199-01 File : nvt/gb_RHSA-2011_0199-01_krb5.nasl |
| 2011-02-11 | Name : Fedora Update for kernel FEDORA-2011-1138 File : nvt/gb_fedora_2011_1138_kernel_fc14.nasl |
| 2011-02-11 | Name : Mandriva Update for krb5 MDVSA-2011:024 (krb5) File : nvt/gb_mandriva_MDVSA_2011_024.nasl |
| 2011-02-11 | Name : Mandriva Update for krb5 MDVSA-2011:025 (krb5) File : nvt/gb_mandriva_MDVSA_2011_025.nasl |
| 2011-02-04 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1 File : nvt/gb_ubuntu_USN_1054_1.nasl |
| 2011-02-04 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1057-1 File : nvt/gb_ubuntu_USN_1057_1.nasl |
| 2011-01-31 | Name : CentOS Update for kernel CESA-2010:0936 centos4 i386 File : nvt/gb_CESA-2010_0936_kernel_centos4_i386.nasl |
| 2011-01-31 | Name : CentOS Update for kernel CESA-2011:0162 centos4 i386 File : nvt/gb_CESA-2011_0162_kernel_centos4_i386.nasl |
| 2011-01-24 | Name : Debian Security Advisory DSA 2126-1 (linux-2.6) File : nvt/deb_2126_1.nasl |
| 2011-01-24 | Name : FreeBSD Ports: krb5 File : nvt/freebsd_krb59.nasl |
| 2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0162-01 File : nvt/gb_RHSA-2011_0162-01_kernel.nasl |
| 2011-01-21 | Name : RedHat Update for kernel RHSA-2011:0163-01 File : nvt/gb_RHSA-2011_0163-01_kernel.nasl |
| 2011-01-21 | Name : HP-UX Update for Kerberos HPSBUX02623 File : nvt/gb_hp_ux_HPSBUX02623.nasl |
| 2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
| 2011-01-14 | Name : Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1041-1 File : nvt/gb_ubuntu_USN_1041_1.nasl |
| 2011-01-11 | Name : RedHat Update for kernel RHSA-2011:0004-01 File : nvt/gb_RHSA-2011_0004-01_kernel.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:039 File : nvt/gb_suse_2010_039.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2010:047 File : nvt/gb_suse_2010_047.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:001 File : nvt/gb_suse_2011_001.nasl |
| 2011-01-11 | Name : SuSE Update for kernel SUSE-SA:2011:002 File : nvt/gb_suse_2011_002.nasl |
| 2011-01-04 | Name : Mandriva Update for kernel MDVSA-2010:257 (kernel) File : nvt/gb_mandriva_MDVSA_2010_257.nasl |
| 2010-12-28 | Name : Fedora Update for kernel FEDORA-2010-18983 File : nvt/gb_fedora_2010_18983_kernel_fc13.nasl |
| 2010-12-23 | Name : Fedora Update for krb5 FEDORA-2010-18409 File : nvt/gb_fedora_2010_18409_krb5_fc14.nasl |
| 2010-12-23 | Name : Fedora Update for krb5 FEDORA-2010-18425 File : nvt/gb_fedora_2010_18425_krb5_fc13.nasl |
| 2010-12-23 | Name : Fedora Update for kernel FEDORA-2010-18506 File : nvt/gb_fedora_2010_18506_kernel_fc13.nasl |
| 2010-12-23 | Name : Ubuntu Update for krb5 vulnerabilities USN-1030-1 File : nvt/gb_ubuntu_USN_1030_1.nasl |
| 2010-12-09 | Name : CentOS Update for krb5-devel CESA-2010:0926 centos4 i386 File : nvt/gb_CESA-2010_0926_krb5-devel_centos4_i386.nasl |
| 2010-12-09 | Name : RedHat Update for krb5 RHSA-2010:0926-01 File : nvt/gb_RHSA-2010_0926-01_krb5.nasl |
| 2010-12-09 | Name : RedHat Update for kernel RHSA-2010:0936-01 File : nvt/gb_RHSA-2010_0936-01_kernel.nasl |
| 2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18432 File : nvt/gb_fedora_2010_18432_kernel_fc12.nasl |
| 2010-12-09 | Name : Fedora Update for kernel FEDORA-2010-18493 File : nvt/gb_fedora_2010_18493_kernel_fc14.nasl |
| 2010-12-09 | Name : Mandriva Update for krb5 MDVSA-2010:245 (krb5) File : nvt/gb_mandriva_MDVSA_2010_245.nasl |
| 2010-12-09 | Name : Mandriva Update for krb5 MDVSA-2010:246 (krb5) File : nvt/gb_mandriva_MDVSA_2010_246.nasl |
| 2010-12-09 | Name : Mandriva Update for kernel MDVSA-2010:247 (kernel) File : nvt/gb_mandriva_MDVSA_2010_247.nasl |
| 2010-12-02 | Name : Fedora Update for kernel FEDORA-2010-14832 File : nvt/gb_fedora_2010_14832_kernel_fc14.nasl |
| 2010-12-02 | Name : Fedora Update for kernel FEDORA-2010-16826 File : nvt/gb_fedora_2010_16826_kernel_fc14.nasl |
| 2010-11-16 | Name : RedHat Update for kernel RHSA-2010:0839-01 File : nvt/gb_RHSA-2010_0839-01_kernel.nasl |
| 2010-11-16 | Name : SuSE Update for glibc SUSE-SA:2010:052 File : nvt/gb_suse_2010_052.nasl |
| 2010-11-16 | Name : SuSE Update for kernel SUSE-SA:2010:053 File : nvt/gb_suse_2010_053.nasl |
| 2010-11-04 | Name : CentOS Update for kernel CESA-2010:0779 centos4 i386 File : nvt/gb_CESA-2010_0779_kernel_centos4_i386.nasl |
| 2010-11-04 | Name : RedHat Update for kernel RHSA-2010:0792-01 File : nvt/gb_RHSA-2010_0792-01_kernel.nasl |
| 2010-10-22 | Name : RedHat Update for kernel RHSA-2010:0779-01 File : nvt/gb_RHSA-2010_0779-01_kernel.nasl |
| 2010-10-22 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-1000-1 File : nvt/gb_ubuntu_USN_1000_1.nasl |
| 2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
| 2010-10-10 | Name : Debian Security Advisory DSA 2094-1 (linux-2.6) File : nvt/deb_2094_1.nasl |
| 2010-10-10 | Name : Debian Security Advisory DSA 2110-1 (linux-2.6) File : nvt/deb_2110_1.nasl |
| 2010-10-01 | Name : RedHat Update for kernel RHSA-2010:0723-01 File : nvt/gb_RHSA-2010_0723-01_kernel.nasl |
| 2010-10-01 | Name : SuSE Update for kernel SUSE-SA:2010:046 File : nvt/gb_suse_2010_046.nasl |
| 2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:172 (kernel) File : nvt/gb_mandriva_MDVSA_2010_172.nasl |
| 2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
| 2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14878 File : nvt/gb_fedora_2010_14878_kernel_fc12.nasl |
| 2010-09-22 | Name : Fedora Update for kernel FEDORA-2010-14890 File : nvt/gb_fedora_2010_14890_kernel_fc13.nasl |
| 2010-09-10 | Name : SuSE Update for kernel SUSE-SA:2010:036 File : nvt/gb_suse_2010_036.nasl |
| 2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13058 File : nvt/gb_fedora_2010_13058_kernel_fc13.nasl |
| 2010-08-30 | Name : Fedora Update for kernel FEDORA-2010-13110 File : nvt/gb_fedora_2010_13110_kernel_fc12.nasl |
| 2010-08-06 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-966-1 File : nvt/gb_ubuntu_USN_966_1.nasl |
| 2010-06-11 | Name : Mandriva Update for glibc MDVSA-2010:111 (glibc) File : nvt/gb_mandriva_MDVSA_2010_111.nasl |
| 2010-06-11 | Name : Mandriva Update for glibc MDVSA-2010:112 (glibc) File : nvt/gb_mandriva_MDVSA_2010_112.nasl |
| 2010-06-10 | Name : Debian Security Advisory DSA 2058-1 (glibc, eglibc) File : nvt/deb_2058_1.nasl |
| 2010-06-07 | Name : Ubuntu Update for Linux kernel vulnerabilities USN-947-1 File : nvt/gb_ubuntu_USN_947_1.nasl |
| 2010-06-07 | Name : Ubuntu Update for linux regression USN-947-2 File : nvt/gb_ubuntu_USN_947_2.nasl |
| 2010-06-03 | Name : Debian Security Advisory DSA 2053-1 (linux-2.6) File : nvt/deb_2053_1.nasl |
| 2010-05-28 | Name : Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1 File : nvt/gb_ubuntu_USN_944_1.nasl |
| 2010-05-07 | Name : RedHat Update for kernel RHSA-2010:0394-01 File : nvt/gb_RHSA-2010_0394-01_kernel.nasl |
| 2010-04-06 | Name : Mandriva Update for initscripts MDVA-2010:111 (initscripts) File : nvt/gb_mandriva_MDVA_2010_111.nasl |
| 2010-04-06 | Name : Mandriva Update for kdebase4-workspace MDVA-2010:112 (kdebase4-workspace) File : nvt/gb_mandriva_MDVA_2010_112.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 75261 | GNU C Library ld.so $ORIGIN Dynamic String Token RPATH Local Privilege Escala... |
| 73407 | GNU C Library locale/programs/locale.c Output Quoting Localization Environmen... |
| 73048 | Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c Multiple Function Memory Copy... |
| 73047 | Linux Kernel drivers/scsi/mpt2sas/mpt2sas_ctl.c _ctl_do_mpt_command Function ... |
| 73041 | Linux Kernel fs/nfs/nfs4proc.c __nfs4_proc_set_acl Function kmalloc NFSv4 ACL... |
| 72996 | Linux Kernel fs/partitions/mac.c mac_partition Function Mac OS Partition Tabl... |
| 72796 | GNU C Library fnmatch() Function UTF8 String Handling Stack Corruption A memory corruption flaw exists in glibc. fnmatch() fails to sanitize user-supplied UTF8 strings resulting in memory corruption, allowing a context-dependent attacker to execute arbitrary code. |
| 72100 | GNU C Library posix/fnmatch.c fnmatch() Function Overflow DoS |
| 71972 | Oracle Solaris Kerberos Checksum Acceptability Weakness KDC / KRB-SAFE Messag... Oracle Solaris contains a flaw in the Kerberos component related to the acceptability of checksums. This may allow a remote attacker to modify user-visible prompt text, modify a reponse to a KDC, or forge a KRB-SAFE message via unkeyed checksums or the use of RC4 keys. |
| 71660 | Linux Kernel net/core/sock.c Networking Subsystem Packet Handling Backlog Rem... |
| 71604 | Linux Kernel Generic Receive Offload (GRO) Functionality Malformed VLAN Frame... |
| 71601 | Linux Kernel ethtool IOCTL Handler ethtool_get_regs() Function Local Informat... |
| 71599 | Linux Kernel arch/s390/kernel/traps.c task_show_regs Function Arbitrary Proce... |
| 70909 | Kerberos KDC LDAP Backend Principal Name Handling DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the Key Distribution Center improperly processes certain principal names which causes a NULL pointer dereference error, when an LDAP backend is used, allowing a remote attacker to cause a denial of service via a crafted request. |
| 70908 | Kerberos KDC LDAP Backend Unparse Implementation DoS Kerberos contains a flaw that may allow a remote denial of service. The issue is triggered when the unparse implementation in the Key Distribution Center improperly processes certain principal names which trigger backslash escape sequences, when an LDAP backend is used, allowing a remote attacker to cause a denial of service via a crafted request. |
| 70665 | Linux Kernel drivers/media/dvb/ttpci/av7110_ca.c dvb_ca_ioctl() Function Craf... A memory corruption flaw exists in Linux Kernel. The 'dvb_ca_ioctl()' function in 'drivers/media/dvb/ttpci/av7110_ca.c' fails to sanitize user-supplied input, resulting in memory corruption. With a specially crafted IOTCL, a local attacker can execute arbitrary code. |
| 70660 | Linux Kernel on RHEL Xen vbd_create Function blkback Driver Virtual CD-ROM De... The 'vbd_create' function in Xen allows guest OS users to cause a denial of service when attempting to access a virtual CD-ROM through the blkback driver. |
| 70659 | Linux Kernel fs/exec.c Crafted Exec System Call OOM Dodging Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when fs/exec.c fails to enable the OOM Killer to assess memory use representing the arguments and environment, allowing a local attacker to use a crafted exec system call to cause an 'OOM dodging issue' denial of service. |
| 70483 | Linux Kernel igb Subsystem drivers/net/igb/igb_main.c igb_receive_skb Functio... Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when the 'igb_receive_skb 'function in 'drivers/net/igb/igb_main.c' in the Intel Gigabit Ethernet subsystem has SR-IOV and promiscuous mode enabled without any VLANs registered. This may allow a remote attacker to cause a NULL pointer dereference and panic denial of service via a VLAN tagged frame. |
| 70477 | Linux Kernel include/asm-x86/futex.h Exception Fixup Page Fault Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when include/asm-x86/futex.h fails to properly implement exception fixup, allowing a local user to cause a panic denial of service via an invalid application triggering a page fault. |
| 70380 | Linux Kernel Xen x do_block_io_op Function Production Request Index DoS Linux Kernel Xen contains a flaw that may allow a local denial of service. The issue is triggered when the 'do_block_io_op function' in 'drivers/xen/blkback/blkback.c' and 'drivers/xen/blktap/blktap.c' allow a guest OS user to cause an infinite loop or CPU consumption denial of service via a large production request index to the blkback or blktap-back-end drivers. |
| 70379 | Linux Kernel drivers/bluetooth/hci_ldisc.c hci_uart_tty_open Function NULL De... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'hci_uart_tty_open' function in 'drivers/bluetooth/hci_ldisc.c' fails to properly verify whether the tty has a write operation, allowing a local attacker to cause a NULL pointer dereference denial of service via vectors related to the Bluetooth driver. |
| 70378 | Linux Kernel Locked Socket ICMP Unreachable Message Race Condition Remote DoS Linux Kernel contains a flaw that may allow a remote denial of service. The issue is triggered when a race condition occurs, allowing a remote attacker to cause a panic denial of service via an ICMP unreachable message to an already locked socket, triggering last corruption. |
| 70375 | Linux Kernel net/rds/rdma.c rds_rdma_pages Function RDS Request iovec Struct ... Linux Kernel is prone to an overflow condition. The 'rds_rdma_pages' function in 'net/rds/rdma.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted iovec struct in a reliable datagram sockets (RDS) request a local attacker can cause a denial of service. It is also possible, though not yet confirmed, that this vulnerability would allow the execution of arbitrary code. |
| 70290 | Linux Kernel net/tipc/socket.c get_name Function Local Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'get_name' function in 'net/tipc/socket.c' fails to initialize a certain structure, which will disclose potentially sensitive kernel stack memory information to a local attacker. |
| 70264 | Linux Kernel on RHEL net/ipv4/udp.c udp_queue_rcv_skb Function Socket Filter ... Linux Kernel on RHEL contains a flaw that may allow a remote denial of service. The issue is triggered when the 'udp_queue_rcv_skb' function in 'net/ipv4/udp.c' allows attackers to send UDP traffic to a socket that has a crafted socket filter, causing a denial of service. |
| 70228 | Linux Kernel drivers/scsi/bfa/bfa_core.c fc_host Statistics File Read Operati... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when 'drivers/scsi/bfa/bfa_core.c' fails to initialize a certain port data structure, and will result in a denial of service via read operations on an fc_host statistics file. |
| 70226 | Linux Kernel TIPC Implementation Crafted sendmsg Call Integer Signedness Loca... Linux Kernel is prone to an integer signedness error that will allow an overflow condition. The TIPC implementation in the 'tipc_msg_build()' function in 'net/tipc/msg.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted sendmsg call, a local attacker can potentially gain elevated privileges. |
| 69788 | Linux Kernel net/ipv4/inet_diag.c Netlink Message Crafted INET_DIAG_REQ_BYTEC... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when 'net/ipv4/inet_diag.c' fails to properly audit 'INET_DIAG' bytecode, allowing a local attacker to use a crafted 'INET_DIAG_REQ_BYTECODE' instruction in a netlink message containing multiple attribute elements to cause a denial of service via a kernel infinite loop. |
| 69701 | Linux Kernel mm/mmap.c install_special_mapping() Function mmap_min_addr Local... Linux Kernel contains a flaw related to the 'install_special_mapping()' function in mm/mmap.c. It fails to properly restrict mappings below the"mmap_min_addr" sysctl limit, allowing a local attacker to map memory into forbidden areas. |
| 69653 | Linux Kernel fs/aio.c io_submit_one Function IOCB_FLAG_RESFD Flag NULL Derefe... Linux Kernel contains a flaw that may allow a local denial of service. The 'io_submit_one' function in 'fs/aio.c' has a flaw that allows an attacker to cause a denial of service via a maliciously crafted 'io_submit' system call with an 'IOCB_FLAG_RESFD' flag. |
| 69613 | Xen xen/arch/x86/traps.c fixup_page_fault() Function Local DoS Xen contains a flaw that may allow a local denial of service. The issue is triggered when insufficient restriction checks within the 'fixup_page_fault()' function in 'xen/arch/x86/traps.c' are exploited from a guest system to trigger a 'BUG_ON()', which will result in loss of availability. |
| 69610 | MIT Kerberos 5 (krb5) Checksum Acceptability Weakness KDC / KRB-SAFE Message ... MIT Kerberos 5 (krb5) contains a flaw related to the acceptability of checksums. This may allow a remote attacker to modify user-visible prompt text, modify a reponse to a KDC, or forge a KRB-SAFE message via unkeyed checksums or the use of RC4 keys. |
| 69578 | Linux Kernel kernel/exit.c the __exit_signal Function Thread Group Leader Rac... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when a race condition in the '__exit_signal' function in 'kernel/exit.c' is exploited to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in 'kernel/posix-cpu-timers.c', and the selection of a new thread group leader in the 'de_thread' function 'in fs/exec.c'. |
| 69577 | Linux Kernel ipc/sem.c copy_semid_to_user Function semctl Call Local Memory D... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'copy_semid_to_user' function in 'ipc/sem.c' fails to initialize a certain structure, which will disclose potentially sensitive kernel stack memory via a 'IPC_INFO', 'SEM_INFO', 'IPC_STAT' or 'SEM_STAT' semctl system call to a local attacker. |
| 69553 | Linux Kernel sound/pci/rme9652/hdspm.c snd_hdspm_hwdep_ioctl Function SNDRV_H... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'snd_hdspm_hwdep_ioctl' function in 'sound/pci/rme9652/hdspm.c' fails to properly initialize a certain structure occurs, which will disclose potentially sensitive kernel stack memory information via an 'SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO IOCTL' call to a local attacker. |
| 69552 | Linux Kernel sound/pci/rme9652/hdsp.c snd_hdsp_hwdep_ioctl Function SNDRV_HDS... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'snd_hdsp_hwdep_ioctl' function in 'sound/pci/rme9652/hdsp.c' fails to initialize a certain structure, disclosing information from kernel stack memory via an 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO IOCTL' call to a local attacker. |
| 69551 | Linux Kernel fs/exec.c setup_arg_pages CONFIG_STACK_GROWSDOWN Crafted Exec Sy... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'setup_arg_pages' function in 'fs/exec.c' doesn't properly restrict the stack memory consumption of the 'arguments' or 'environment' when 'CONFIG_STACK_GROWSDOWN' is used, allowing a local attacker to cause a denial of service via a crafted exec system call. |
| 69531 | Linux Kernel ipc Subsystem ipc/compat_mq.c Multiple Function Local Memory Dis... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_mq_open' and 'compat_sys_mq_getsetattr' functions in 'ipc/compat_mq.c'. |
| 69530 | Linux Kernel ipc Subsystem ipc/compat.c Multiple Function Local Memory Disclo... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the ipc Subsystem fails to properly initialize a certain structure member, allowing a local attacker to obtain sensitive information from kernel stack memory via vectors related to the 'compat_sys_semctl', 'compat_sys_msgctl', and 'compat_sys_shmctl' functions in 'ipc/compat.c'. |
| 69527 | Linux Kernel net/unix/garbage.c wait_for_unix_gc Function SOCK_SEQPACKET Sock... Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when the 'wait_for_unix_gc' function in 'net/unix/garbage.c' fails to properly select times for garbage collection of inflight sockets, allowing a local attacker to cause a denial of service via the 'socketpair' and 'sendmsg' system calls for SOCK_SEQPACKET sockets. |
| 69522 | Linux Kernel drivers/serial/serial_core.c uart_get_count Function TIOCGICOUNT... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'uart_get_count' function in 'drivers/serial/serial_core.c' fails to initially a certain structure member. This allows a local attacker to access sensitive information from kernel stack memory by means of a TIOCGICOUNT IOTCL call. |
| 69521 | Linux Kernel ipc/shm.c copy_shmid_to_user Function shmctl System Call Local M... Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'copy_shmid_to_user' function in 'ipc/shm.c' fails to properly initialize an unspecified structure, which can be exploited via the shmctl system call to disclose kernel stack memory to a local attacker. |
| 69469 | Xen Backend Drivers Kernel Thread Reference Leak DoS Xen contains a flaw that may allow a local denial of service. The issue is triggered due to the backend drivers leaking references to kernel threads, which when exploited by a malicious guest can prevent a proper virtual shutdown, prevent 'xm' commands from functioning properly, and may result in loss of availability for the service. |
| 69424 | Linux Kernel net/sctp/output.c sctp_packet_config Function SCTP Traffic Seque... |
| 69190 | Linux Kernel net/core/filter.c sk_run_filter() Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when the 'sk_run_filter()' function in 'net/core/filter.c' does not properly initialize a local array, which will disclose kernel stack memory to a local attacker. |
| 69162 | Linux Kernel net/packet/af_packet.c Multiple Function Stack Memory Disclosure Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the 'packet_getname_spkt()' and 'packet_getname()' functions in 'net/packet/af_packet.c' fail to properly initialize a member of a certain structure before copying it to userspace, which will disclose kernel stack memory to a local attacker. |
| 69117 | Linux Kernel net/rds/page.c rds_page_copy_user() Function Local Privilege Esc... Linux Kernel contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the 'rds_page_copy_user' function in 'net/rds/page.c' in the Reliable Datagram Sockets (RDS) protocol implementation fails to validate addresses obtained from user space, allowing a local attacker to make crafted use of the sendmsg and recvmsg system calls to gain elevated privileges. |
| 69013 | Linux Kernel on 64-bit drivers/scsi/gdth.c ioc_general() Function Local Overf... Linux Kernel on 64-bit is prone to an overflow condition. The 'ioc_general' function in 'drivers/scsi/gdth.c' fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted overly large argument in an ioctl call, a local attacker can potentially cause a denial of service. |
| 68721 | GNU C Library Dynamic Linker $ORIGIN Substitution Expansion Weakness Local Pr... The weakness is caused due to dynamic linker expanding the "$ORIGIN" substitution for privileged applications, which can be exploited to gain escalated privileges by e.g. hard linking to a setuid application and forcing the expansion of "$ORIGIN" via "LD_AUDIT". |
| 68631 | Linux Kernel on RHEL VMCS arch/x86/hvm/vmx/vmcs.c Hardware Support Verificati... |
| 68305 | Linux Kernel drivers/net/cxgb3/cxgb3_main.c cxgb_extension_ioctl Function CHE... |
| 68303 | Linux Kernel XFS Inode Allocation Btree Stale NFS Filehandle Unlinked File Ac... |
| 68266 | Linux Kernel sound/core/control.c snd_ctl_new() Function Local Overflow |
| 68177 | Linux Kernel net/sched/act_police.c tcf_act_police_dump Function Network Queu... |
| 68174 | Linux Kernel fs/aio.c do_io_submit Function Crafted io_submit System Call Loc... |
| 68173 | Linux Kernel net/sched/act_skbedit.c tcf_skbedit_dump Function Network Queuei... |
| 68172 | Linux Kernel net/sched/act_simple.c tcf_simp_dump Function Network Queueing A... |
| 68171 | Linux Kernel net/sched/act_nat.c tcf_nat_dump Function Network Queueing Actio... |
| 68170 | Linux Kernel net/sched/act_mirred.c tcf_mirred_dump Function Network Queueing... |
| 68169 | Linux Kernel net/sched/act_gact.c tcf_gact_dump Function Network Queueing Act... |
| 67893 | Linux Kernel eCryptfs Subsystem fs/ecryptfs/messaging.c ecryptfs_uid_hash Mac... |
| 67881 | Linux Kernel fs/xfs/linux-2.6/xfs_ioctl.c xfs_ioc_fsgetxattr() Function Stack... |
| 67366 | Linux Kernel fs/gfs2/dir.c gfs2_dirent_find_space Function GFS2 File System R... |
| 67327 | Linux Kernel fs/ext4/extents.c ext4_ext_get_blocks Function Write / Sync Oper... |
| 65078 | GNU C Library misc/mntent_r.c encode_name Macro Crafted Mount Request Local DoS |
| 62387 | Linux Kernel drivers/usb/core/devio.c Multiple Function Kernel Memory Disclosure |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2012-02-02 | IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0031252 |
| 2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
| 2011-08-04 | IAVM : 2011-A-0108 - Multiple Vulnerabilities in VMware ESX Service Console Severity : Category I - VMSKEY : V0029562 |
| 2011-05-12 | IAVM : 2011-A-0066 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | MIT Kerberos libkdb_ldap principal name handling denial of service attempt RuleID : 26759 - Revision : 6 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-08-19 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL09408132.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0007_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2011-0010_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-03 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1832-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0812-1.nasl - Type : ACT_GATHER_INFO |
| 2015-02-02 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0023.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_kerberos_20130924_2.nasl - Type : ACT_GATHER_INFO |
| 2014-11-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15885.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO |
| 2014-11-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0439.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-342.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-756.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_Kernel-100824.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100915.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-100921.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101026.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-101215.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_krb5-101201.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_krb5-110209.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-110426.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kernel-120104.nasl - Type : ACT_GATHER_INFO |
| 2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-01.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_515841_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0394.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0661.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0792.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0926.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0936.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2008.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2009.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-2011.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0200.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0412.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0413.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2010.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-2016.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
| 2013-03-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1093-1.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0660.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0670.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0883.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1321.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-179.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100505_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101019_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101025_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101109_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101130_krb5_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101201_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110118_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110208_krb5_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110301_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110404_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110407_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110412_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110519_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110531_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_glibc_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7015.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7164.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7261.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7304.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7384.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7515.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7665.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7915.nasl - Type : ACT_GATHER_INFO |
| 2012-04-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12677.nasl - Type : ACT_GATHER_INFO |
| 2012-03-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1396-1.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
| 2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
| 2012-01-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-13.nasl - Type : ACT_GATHER_INFO |
| 2012-01-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7918.nasl - Type : ACT_GATHER_INFO |
| 2011-12-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-111202.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-100709.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-110517.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-7574.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7516.nasl - Type : ACT_GATHER_INFO |
| 2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7666.nasl - Type : ACT_GATHER_INFO |
| 2011-11-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-178.nasl - Type : ACT_GATHER_INFO |
| 2011-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO |
| 2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
| 2011-09-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1218-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1216-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1212-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1208-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1203-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1186-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1187-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1183-1.nasl - Type : ACT_GATHER_INFO |
| 2011-08-01 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2011-0010.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1168-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1170-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1161-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1164-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-30 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7568.nasl - Type : ACT_GATHER_INFO |
| 2011-06-29 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1160-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-28 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12775.nasl - Type : ACT_GATHER_INFO |
| 2011-06-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-110516.nasl - Type : ACT_GATHER_INFO |
| 2011-06-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-7575.nasl - Type : ACT_GATHER_INFO |
| 2011-06-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6447.nasl - Type : ACT_GATHER_INFO |
| 2011-06-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2264.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1111-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1119-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1133-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1146-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2240.nasl - Type : ACT_GATHER_INFO |
| 2011-06-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0836.nasl - Type : ACT_GATHER_INFO |
| 2011-06-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0833.nasl - Type : ACT_GATHER_INFO |
| 2011-05-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0542.nasl - Type : ACT_GATHER_INFO |
| 2011-05-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-6541.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101020.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_kernel-101202.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_krb5-101201.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-debug-101215.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_krb5-101201.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_krb5-110209.nasl - Type : ACT_GATHER_INFO |
| 2011-04-29 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2011-04-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110415.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0412.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2011-04-15 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4ab413ea66ce11e0bf05d445f3aa24f0.nasl - Type : ACT_GATHER_INFO |
| 2011-04-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0429.nasl - Type : ACT_GATHER_INFO |
| 2011-04-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0421.nasl - Type : ACT_GATHER_INFO |
| 2011-04-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1105-1.nasl - Type : ACT_GATHER_INFO |
| 2011-04-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0412.nasl - Type : ACT_GATHER_INFO |
| 2011-04-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0413.nasl - Type : ACT_GATHER_INFO |
| 2011-03-27 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1092-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-25 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7381.nasl - Type : ACT_GATHER_INFO |
| 2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO |
| 2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-001.nasl - Type : ACT_GATHER_INFO |
| 2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1089-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1090-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1086-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2134.nasl - Type : ACT_GATHER_INFO |
| 2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-2.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0303.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1080-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1081-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1071-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1072-1.nasl - Type : ACT_GATHER_INFO |
| 2011-03-01 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1073-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
| 2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1210.nasl - Type : ACT_GATHER_INFO |
| 2011-02-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1225.nasl - Type : ACT_GATHER_INFO |
| 2011-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0263.nasl - Type : ACT_GATHER_INFO |
| 2011-02-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1062-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote Fedora host is missing a security update. File : fedora_2011-1138.nasl - Type : ACT_GATHER_INFO |
| 2011-02-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12672.nasl - Type : ACT_GATHER_INFO |
| 2011-02-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-024.nasl - Type : ACT_GATHER_INFO |
| 2011-02-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-025.nasl - Type : ACT_GATHER_INFO |
| 2011-02-10 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-110120.nasl - Type : ACT_GATHER_INFO |
| 2011-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0199.nasl - Type : ACT_GATHER_INFO |
| 2011-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0200.nasl - Type : ACT_GATHER_INFO |
| 2011-02-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1057-1.nasl - Type : ACT_GATHER_INFO |
| 2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0936.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7303.nasl - Type : ACT_GATHER_INFO |
| 2011-01-24 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_41775.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-100708.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-100903.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101007.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101102.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110104.nasl - Type : ACT_GATHER_INFO |
| 2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-ec2-101103.nasl - Type : ACT_GATHER_INFO |
| 2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0162.nasl - Type : ACT_GATHER_INFO |
| 2011-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0163.nasl - Type : ACT_GATHER_INFO |
| 2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
| 2011-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0007.nasl - Type : ACT_GATHER_INFO |
| 2011-01-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1009-2.nasl - Type : ACT_GATHER_INFO |
| 2011-01-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1041-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2011-01-06 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2011-0001.nasl - Type : ACT_GATHER_INFO |
| 2011-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0004.nasl - Type : ACT_GATHER_INFO |
| 2010-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18983.nasl - Type : ACT_GATHER_INFO |
| 2010-12-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-257.nasl - Type : ACT_GATHER_INFO |
| 2010-12-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7257.nasl - Type : ACT_GATHER_INFO |
| 2010-12-10 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18425.nasl - Type : ACT_GATHER_INFO |
| 2010-12-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_11bbccbc03ee11e0bcdb001fc61c2a55.nasl - Type : ACT_GATHER_INFO |
| 2010-12-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1030-1.nasl - Type : ACT_GATHER_INFO |
| 2010-12-09 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18409.nasl - Type : ACT_GATHER_INFO |
| 2010-12-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18506.nasl - Type : ACT_GATHER_INFO |
| 2010-12-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18493.nasl - Type : ACT_GATHER_INFO |
| 2010-12-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-247.nasl - Type : ACT_GATHER_INFO |
| 2010-12-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_krb5-101117.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0926.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2129.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18432.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0936.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-101025.nasl - Type : ACT_GATHER_INFO |
| 2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-101020.nasl - Type : ACT_GATHER_INFO |
| 2010-12-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-245.nasl - Type : ACT_GATHER_INFO |
| 2010-12-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-246.nasl - Type : ACT_GATHER_INFO |
| 2010-12-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0925.nasl - Type : ACT_GATHER_INFO |
| 2010-12-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0926.nasl - Type : ACT_GATHER_INFO |
| 2010-11-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2126.nasl - Type : ACT_GATHER_INFO |
| 2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
| 2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0792.nasl - Type : ACT_GATHER_INFO |
| 2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
| 2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0842.nasl - Type : ACT_GATHER_INFO |
| 2010-11-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201011-01.nasl - Type : ACT_GATHER_INFO |
| 2010-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0839.nasl - Type : ACT_GATHER_INFO |
| 2010-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16826.nasl - Type : ACT_GATHER_INFO |
| 2010-10-29 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-101026.nasl - Type : ACT_GATHER_INFO |
| 2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_glibc-101026.nasl - Type : ACT_GATHER_INFO |
| 2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_glibc-101027.nasl - Type : ACT_GATHER_INFO |
| 2010-10-28 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-7201.nasl - Type : ACT_GATHER_INFO |
| 2010-10-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0792.nasl - Type : ACT_GATHER_INFO |
| 2010-10-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1009-1.nasl - Type : ACT_GATHER_INFO |
| 2010-10-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0779.nasl - Type : ACT_GATHER_INFO |
| 2010-10-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1000-1.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7160.nasl - Type : ACT_GATHER_INFO |
| 2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
| 2010-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0723.nasl - Type : ACT_GATHER_INFO |
| 2010-10-06 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12641.nasl - Type : ACT_GATHER_INFO |
| 2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
| 2010-09-24 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-100921.nasl - Type : ACT_GATHER_INFO |
| 2010-09-23 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12646.nasl - Type : ACT_GATHER_INFO |
| 2010-09-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14832.nasl - Type : ACT_GATHER_INFO |
| 2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14878.nasl - Type : ACT_GATHER_INFO |
| 2010-09-21 | Name : The remote Fedora host is missing a security update. File : fedora_2010-14890.nasl - Type : ACT_GATHER_INFO |
| 2010-09-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2110.nasl - Type : ACT_GATHER_INFO |
| 2010-09-12 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-172.nasl - Type : ACT_GATHER_INFO |
| 2010-08-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0661.nasl - Type : ACT_GATHER_INFO |
| 2010-08-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12636.nasl - Type : ACT_GATHER_INFO |
| 2010-08-24 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13058.nasl - Type : ACT_GATHER_INFO |
| 2010-08-24 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13110.nasl - Type : ACT_GATHER_INFO |
| 2010-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2094.nasl - Type : ACT_GATHER_INFO |
| 2010-08-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-966-1.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-112.nasl - Type : ACT_GATHER_INFO |
| 2010-06-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2058.nasl - Type : ACT_GATHER_INFO |
| 2010-06-09 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-111.nasl - Type : ACT_GATHER_INFO |
| 2010-06-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-947-1.nasl - Type : ACT_GATHER_INFO |
| 2010-06-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-947-2.nasl - Type : ACT_GATHER_INFO |
| 2010-05-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2053.nasl - Type : ACT_GATHER_INFO |
| 2010-05-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-944-1.nasl - Type : ACT_GATHER_INFO |
| 2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0394.nasl - Type : ACT_GATHER_INFO |
| 2010-05-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0394.nasl - Type : ACT_GATHER_INFO |
| 2010-05-07 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-7011.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2016-03-05 13:26:43 |
|
| 2014-02-17 12:07:20 |
|
| 2013-12-14 21:19:32 |
|
| 2013-11-11 12:41:40 |
|
| 2013-05-11 00:56:44 |
|
