ID de Prueba:	1.3.6.1.4.1.25623.1.0.68020
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0704
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0704. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * The compat_alloc_user_space() function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important) Red Hat would like to thank Ben Hawkes for reporting this issue. Red Hat is aware that a public exploit for this issue is available. Refer to Knowledgebase article DOC-40265 for further details: https://access.redhat.com/kb/docs/DOC-40265 Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0704.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3081 Bugtraq: 20101130 VMSA-2010-0017 VMware ESX third party update for Service Console kerne (Google Search) http://www.securityfocus.com/archive/1/514938/30/30/threaded Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (Google Search) http://www.securityfocus.com/archive/1/516397/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0273.html http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0278.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:214 http://www.mandriva.com/security/advisories?name=MDVSA-2010:247 http://blog.ksplice.com/2010/09/cve-2010-3081/ http://isc.sans.edu/diary.html?storyid=9574 http://sota.gen.nz/compat1/ http://marc.info/?l=oss-security&m=128461522230211&w=2 http://www.redhat.com/support/errata/RHSA-2010-0758.html http://www.redhat.com/support/errata/RHSA-2010-0842.html http://www.redhat.com/support/errata/RHSA-2010-0882.html http://secunia.com/advisories/42384 http://secunia.com/advisories/43315 SuSE Security Announcement: SUSE-SA:2010:050 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html SuSE Security Announcement: SUSE-SR:2010:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://www.vupen.com/english/advisories/2010/3083 http://www.vupen.com/english/advisories/2010/3117 http://www.vupen.com/english/advisories/2011/0298
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.