Test Kennung:	1.3.6.1.4.1.25623.1.0.54310
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2005-0011 (kernel)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2005-0011. Mathieu Lafon didcovered an information leak in the ext2 mkdir() function where random kernel memory is written to disk. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0400 to this issue. Herbert Xu discovered a potential DOS in load_elf_library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0749 to this issue. Ilja van Sprundel discovered an exploitable integer overflow in af_bluetooth which could lead to priviliege escalation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0750 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0011 Risk factor : High CVSS Score: 7.2
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0400 BugTraq ID: 12932 http://www.securityfocus.com/bid/12932 Bugtraq: 20050401 Information leak in the Linux kernel ext2 implementation (Google Search) http://marc.info/?l=bugtraq&m=111238764720696&w=2 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 http://arkoon.net/advisories/ext2-make-empty-leak.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10336 http://www.redhat.com/support/errata/RHSA-2005-366.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.redhat.com/support/errata/RHSA-2006-0190.html http://www.redhat.com/support/errata/RHSA-2006-0191.html http://secunia.com/advisories/14713/ http://secunia.com/advisories/17002 http://secunia.com/advisories/18684 https://usn.ubuntu.com/103-1/ http://www.vupen.com/english/advisories/2005/1878 XForce ISS Database: kernel-ext2-information-disclosure(19866) https://exchange.xforce.ibmcloud.com/vulnerabilities/19866 Common Vulnerability Exposure (CVE) ID: CVE-2005-0749 BugTraq ID: 12935 http://www.securityfocus.com/bid/12935 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10640 http://www.redhat.com/support/errata/RHSA-2005-293.html http://www.redhat.com/support/errata/RHSA-2005-529.html http://www.redhat.com/support/errata/RHSA-2005-551.html http://secunia.com/advisories/19607 SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U XForce ISS Database: kernel-loadelflibrary-dos(19867) https://exchange.xforce.ibmcloud.com/vulnerabilities/19867 Common Vulnerability Exposure (CVE) ID: CVE-2005-0750 BugTraq ID: 12911 http://www.securityfocus.com/bid/12911 Bugtraq: 20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 (Google Search) http://marc.info/?l=bugtraq&m=111204562102633&w=2 http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719 http://www.redhat.com/support/errata/RHSA-2005-283.html http://www.redhat.com/support/errata/RHSA-2005-284.html XForce ISS Database: kernel-bluezsockcreate-integer-underflow(19844) https://exchange.xforce.ibmcloud.com/vulnerabilities/19844
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.