Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de CVE:CVE-2010-2524
Descripción:The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS- DFS referrals.
Prueba de IDs: 1.3.6.1.4.1.25623.1.0.67795   1.3.6.1.4.1.25623.1.0.67797   1.3.6.1.4.1.25623.1.0.69970  
Referencias Cruzadas: Common Vulnerability Exposure (CVE) ID: CVE-2010-2524
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search)
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://marc.info/?l=oss-security&m=128072090331700&w=2
http://marc.info/?l=oss-security&m=128078387328921&w=2
http://marc.info/?l=oss-security&m=128080755321157&w=2
RedHat Security Advisories: RHSA-2010:0610
http://www.redhat.com/support/errata/RHSA-2010-0610.html
http://secunia.com/advisories/43315
SuSE Security Announcement: SUSE-SA:2010:040 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html
http://www.ubuntu.com/usn/USN-1000-1




© 1998-2021 E-Soft Inc. Todos los derechos reservados.