SuSE Local Security Checks : SuSE Security Advisory SUSE-SA:2008:030 (kernel)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.61177
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2008:030 (kernel)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2008:030. The Linux kernel update was updated on openSUSE 10.2 and 10.3 to fix the following security problems: CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall). CVE-2007-5904: A remote buffer overflow in CIFS was fixed which could potentially be used by remote attackers to crash the machine or potentially execute code. CVE-2008-1615: On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. CVE-2008-2358: A security problem in DCCP was fixed, which could be used by remote attackers to crash the machine. Only a fix for openSUSE 10.2 was necessary. CVE-2008-2148: The permission checking in sys_utimensat was incorrect and local attackers could change the file times of files they do not own to the current time. CVE-2007-6206: An information leakage during core dumping of root processes was fixed. This problem was already fixed for openSUSE 10.3 previously and was now fixed for openSUSE 10.2. CVE-2007-6712: A integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel, when running on 64-bit systems, allows local users to cause a denial of service (infinite loop) via a timer with a large expiry value, which causes the timer to always be expired. CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. CVE-2008-1367: Clear the direction flag before calling signal handlers. For specific not yet identified programs under specific timing conditions this could potentially have caused memory corruption or code execution. CVE-2008-1375: Fixed a dnotify race condition, which could be used by local attackers to potentially execute code. CVE-2007-5500: A ptrace bug could be used by local attackers to hang their own processes indefinitely. Also various non security bugs were fixed, please see the RPM changelogs. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2008:030 Risk factor : High CVSS Score: 7.8
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5500 BugTraq ID: 26477 http://www.securityfocus.com/bid/26477 Debian Security Information: DSA-1428 (Google Search) http://www.debian.org/security/2007/dsa-1428 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00170.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00032.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00302.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:008 http://www.mandriva.com/security/advisories?name=MDVSA-2008:044 http://www.mandriva.com/security/advisories?name=MDVSA-2008:112 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9868 RedHat Security Advisories: RHSA-2008:0055 http://rhn.redhat.com/errata/RHSA-2008-0055.html http://secunia.com/advisories/27664 http://secunia.com/advisories/27703 http://secunia.com/advisories/27888 http://secunia.com/advisories/27919 http://secunia.com/advisories/27922 http://secunia.com/advisories/28033 http://secunia.com/advisories/28170 http://secunia.com/advisories/28706 http://secunia.com/advisories/28748 http://secunia.com/advisories/28971 http://secunia.com/advisories/29245 http://secunia.com/advisories/30818 http://secunia.com/advisories/30962 SuSE Security Announcement: SUSE-SA:2007:063 (Google Search) http://www.novell.com/linux/security/advisories/2007_63_kernel.html SuSE Security Announcement: SUSE-SA:2008:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html SuSE Security Announcement: SUSE-SA:2008:030 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html SuSE Security Announcement: SUSE-SA:2008:032 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://www.ubuntu.com/usn/usn-558-1 http://www.ubuntu.com/usn/usn-574-1 http://www.ubuntu.com/usn/usn-578-1 http://www.vupen.com/english/advisories/2007/3902 XForce ISS Database: linux-kernel-waittaskstopped-dos(38547) https://exchange.xforce.ibmcloud.com/vulnerabilities/38547 Common Vulnerability Exposure (CVE) ID: CVE-2007-5904 BugTraq ID: 26438 http://www.securityfocus.com/bid/26438 Bugtraq: 20080208 rPSA-2008-0048-1 kernel (Google Search) http://www.securityfocus.com/archive/1/487808/100/0/threaded http://marc.info/?l=linux-kernel&m=119455843205403&w=2 http://marc.info/?l=linux-kernel&m=119457447724276&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9901 http://www.redhat.com/support/errata/RHSA-2008-0089.html http://www.redhat.com/support/errata/RHSA-2008-0167.html http://www.securitytracker.com/id?1019612 http://secunia.com/advisories/27666 http://secunia.com/advisories/27912 http://secunia.com/advisories/28643 http://secunia.com/advisories/28826 http://secunia.com/advisories/29387 http://secunia.com/advisories/29570 http://secunia.com/advisories/30769 SuSE Security Announcement: SUSE-SA:2007:064 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html SuSE Security Announcement: SUSE-SA:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html http://www.ubuntu.com/usn/usn-618-1 http://www.vupen.com/english/advisories/2007/3860 XForce ISS Database: kernel-cifsvfs-sendreceive-bo(38450) https://exchange.xforce.ibmcloud.com/vulnerabilities/38450 Common Vulnerability Exposure (CVE) ID: CVE-2007-6206 BugTraq ID: 26701 http://www.securityfocus.com/bid/26701 Debian Security Information: DSA-1436 (Google Search) http://www.debian.org/security/2007/dsa-1436 Debian Security Information: DSA-1503 (Google Search) http://www.debian.org/security/2008/dsa-1503 Debian Security Information: DSA-1504 (Google Search) http://www.debian.org/security/2008/dsa-1504 http://www.mandriva.com/security/advisories?name=MDVSA-2008:086 http://lists.vmware.com/pipermail/security-announce/2008/000023.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10719 http://www.redhat.com/support/errata/RHSA-2008-0211.html http://www.redhat.com/support/errata/RHSA-2008-0787.html http://secunia.com/advisories/27908 http://secunia.com/advisories/28141 http://secunia.com/advisories/28889 http://secunia.com/advisories/29058 http://secunia.com/advisories/30110 http://secunia.com/advisories/31246 http://secunia.com/advisories/33280 SuSE Security Announcement: SUSE-SA:2008:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html http://www.vupen.com/english/advisories/2007/4090 http://www.vupen.com/english/advisories/2008/2222/references XForce ISS Database: kernel-core-dump-information-disclosure(38841) https://exchange.xforce.ibmcloud.com/vulnerabilities/38841 Common Vulnerability Exposure (CVE) ID: CVE-2007-6282 BugTraq ID: 29081 http://www.securityfocus.com/bid/29081 Debian Security Information: DSA-1630 (Google Search) http://www.debian.org/security/2008/dsa-1630 https://bugzilla.redhat.com/show_bug.cgi?id=404291 http://marc.info/?l=linux-netdev&m=120372380411259&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10549 http://www.redhat.com/support/errata/RHSA-2008-0237.html http://www.redhat.com/support/errata/RHSA-2008-0275.html http://www.redhat.com/support/errata/RHSA-2008-0585.html http://secunia.com/advisories/30112 http://secunia.com/advisories/30294 http://secunia.com/advisories/30890 http://secunia.com/advisories/31107 http://secunia.com/advisories/31551 http://secunia.com/advisories/31628 SuSE Security Announcement: SUSE-SA:2008:031 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html http://www.ubuntu.com/usn/usn-625-1 XForce ISS Database: linux-kernel-esp-dos(42276) https://exchange.xforce.ibmcloud.com/vulnerabilities/42276 Common Vulnerability Exposure (CVE) ID: CVE-2007-6712 BugTraq ID: 29294 http://www.securityfocus.com/bid/29294 Debian Security Information: DSA-1588 (Google Search) http://www.debian.org/security/2008/dsa-1588 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9210 http://secunia.com/advisories/30368 XForce ISS Database: linux-kernel-hrtimerforward-dos(41827) https://exchange.xforce.ibmcloud.com/vulnerabilities/41827 Common Vulnerability Exposure (CVE) ID: CVE-2008-0600 BugTraq ID: 27704 http://www.securityfocus.com/bid/27704 BugTraq ID: 27801 http://www.securityfocus.com/bid/27801 Bugtraq: 20080212 rPSA-2008-0052-1 kernel (Google Search) http://www.securityfocus.com/archive/1/488009/100/0/threaded Debian Security Information: DSA-1494 (Google Search) http://www.debian.org/security/2008/dsa-1494 https://www.exploit-db.com/exploits/5092 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:043 http://marc.info/?l=linux-kernel&m=120263652322197&w=2 http://marc.info/?l=linux-kernel&m=120264520431307&w=2 http://marc.info/?l=linux-kernel&m=120264773202422&w=2 http://marc.info/?l=linux-kernel&m=120266328220808&w=2 http://marc.info/?l=linux-kernel&m=120266353621139&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358 http://www.redhat.com/support/errata/RHSA-2008-0129.html http://securitytracker.com/id?1019393 http://secunia.com/advisories/28835 http://secunia.com/advisories/28858 http://secunia.com/advisories/28875 http://secunia.com/advisories/28896 http://secunia.com/advisories/28912 http://secunia.com/advisories/28925 http://secunia.com/advisories/28933 http://secunia.com/advisories/28937 http://www.ubuntu.com/usn/usn-577-1 http://www.vupen.com/english/advisories/2008/0487/references Common Vulnerability Exposure (CVE) ID: CVE-2008-1367 BugTraq ID: 29084 http://www.securityfocus.com/bid/29084 http://lwn.net/Articles/272048/#Comments http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00428.html http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00432.html http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00417.html http://gcc.gnu.org/ml/gcc-patches/2008-03/msg00499.html http://marc.info/?l=git-commits-head&m=120492000901739&w=2 http://lkml.org/lkml/2008/3/5/207 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11108 http://www.redhat.com/support/errata/RHSA-2008-0233.html RedHat Security Advisories: RHSA-2008:0508 http://rhn.redhat.com/errata/RHSA-2008-0508.html http://secunia.com/advisories/30116 http://secunia.com/advisories/30850 XForce ISS Database: gcc-cld-dos(41340) https://exchange.xforce.ibmcloud.com/vulnerabilities/41340 Common Vulnerability Exposure (CVE) ID: CVE-2008-1375 BugTraq ID: 29003 http://www.securityfocus.com/bid/29003 Bugtraq: 20080507 rPSA-2008-0157-1 kernel (Google Search) http://www.securityfocus.com/archive/1/491566/100/0/threaded http://www.securityfocus.com/archive/1/491732/100/0/threaded Debian Security Information: DSA-1565 (Google Search) http://www.debian.org/security/2008/dsa-1565 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00232.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:104 http://www.mandriva.com/security/advisories?name=MDVSA-2008:105 http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 http://marc.info/?l=linux-kernel&m=120967963803205&w=2 http://marc.info/?l=linux-kernel&m=120967964303224&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11843 http://www.securitytracker.com/id?1019959 http://secunia.com/advisories/30017 http://secunia.com/advisories/30018 http://secunia.com/advisories/30044 http://secunia.com/advisories/30108 http://secunia.com/advisories/30260 http://secunia.com/advisories/30515 https://usn.ubuntu.com/614-1/ http://www.vupen.com/english/advisories/2008/1406/references http://www.vupen.com/english/advisories/2008/1452/references XForce ISS Database: linux-kernel-dnotify-privilege-escalation(42131) https://exchange.xforce.ibmcloud.com/vulnerabilities/42131 Common Vulnerability Exposure (CVE) ID: CVE-2008-1615 BugTraq ID: 29086 http://www.securityfocus.com/bid/29086 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00357.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:174 https://bugzilla.redhat.com/show_bug.cgi?id=431430 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9563 http://www.securitytracker.com/id?1020047 http://secunia.com/advisories/30252 http://secunia.com/advisories/30982 SuSE Security Announcement: SUSE-SA:2008:035 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html SuSE Security Announcement: SUSE-SA:2008:038 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html XForce ISS Database: linux-kernel-processtrace-dos(42278) https://exchange.xforce.ibmcloud.com/vulnerabilities/42278 Common Vulnerability Exposure (CVE) ID: CVE-2008-1669 BugTraq ID: 29076 http://www.securityfocus.com/bid/29076 Bugtraq: 20080507 rPSA-2008-0162-1 kernel (Google Search) http://www.securityfocus.com/archive/1/491740/100/0/threaded Debian Security Information: DSA-1575 (Google Search) http://www.debian.org/security/2008/dsa-1575 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00294.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10065 http://www.securitytracker.com/id?1019974 http://secunia.com/advisories/30077 http://secunia.com/advisories/30101 http://secunia.com/advisories/30164 http://secunia.com/advisories/30276 http://www.vupen.com/english/advisories/2008/1451/references XForce ISS Database: linux-kernel-fcntlsetlk-dos(42242) https://exchange.xforce.ibmcloud.com/vulnerabilities/42242 Common Vulnerability Exposure (CVE) ID: CVE-2008-2136 BugTraq ID: 29235 http://www.securityfocus.com/bid/29235 http://marc.info/?l=linux-netdev&m=121031533024912&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6503 http://www.redhat.com/support/errata/RHSA-2008-0607.html http://www.redhat.com/support/errata/RHSA-2008-0612.html http://www.redhat.com/support/errata/RHSA-2008-0973.html http://www.securitytracker.com/id?1020118 http://secunia.com/advisories/30198 http://secunia.com/advisories/30241 http://secunia.com/advisories/30499 http://secunia.com/advisories/31198 http://secunia.com/advisories/31341 http://secunia.com/advisories/31689 http://secunia.com/advisories/33201 http://www.vupen.com/english/advisories/2008/1543/references http://www.vupen.com/english/advisories/2008/1716/references XForce ISS Database: linux-kernel-ipip6rcv-dos(42451) https://exchange.xforce.ibmcloud.com/vulnerabilities/42451 Common Vulnerability Exposure (CVE) ID: CVE-2008-2148 BugTraq ID: 29134 http://www.securityfocus.com/bid/29134 XForce ISS Database: linux-kernel-sysutimensat-dos(42342) https://exchange.xforce.ibmcloud.com/vulnerabilities/42342 Common Vulnerability Exposure (CVE) ID: CVE-2008-2358 BugTraq ID: 29603 http://www.securityfocus.com/bid/29603 Debian Security Information: DSA-1592 (Google Search) http://www.debian.org/security/2008/dsa-1592 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9644 http://www.redhat.com/support/errata/RHSA-2008-0519.html http://www.securitytracker.com/id?1020211 http://secunia.com/advisories/30000 http://secunia.com/advisories/30849 http://secunia.com/advisories/30920 XForce ISS Database: linux-kernel-dccpfeatchange-bo(43034) https://exchange.xforce.ibmcloud.com/vulnerabilities/43034
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com