ID de Prueba:	1.3.6.1.4.1.25623.1.0.71687
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu USN-1457-1 (linux-image-2.6.38-15-generic)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to linux-image-2.6.38-15-generic announced via advisory USN-1457-1. Details: Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. (CVE-2011-4131) A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. (CVE-2012-1601) A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. (CVE-2012-2123) Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges. (CVE-2012-2133) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: linux-image-2.6.38-15-generic 2.6.38-15.60 linux-image-2.6.38-15-generic-pae 2.6.38-15.60 linux-image-2.6.38-15-omap 2.6.38-15.60 linux-image-2.6.38-15-powerpc 2.6.38-15.60 linux-image-2.6.38-15-powerpc-smp 2.6.38-15.60 linux-image-2.6.38-15-powerpc64-smp 2.6.38-15.60 linux-image-2.6.38-15-server 2.6.38-15.60 linux-image-2.6.38-15-versatile 2.6.38-15.60 linux-image-2.6.38-15-virtual 2.6.38-15.60 http://www.securityspace.com/smysecure/catid.html?in=USN-1457-1 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:NR/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4131 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081280.html http://www.openwall.com/lists/oss-security/2011/11/12/1 RedHat Security Advisories: RHSA-2012:0862 http://rhn.redhat.com/errata/RHSA-2012-0862.html RedHat Security Advisories: RHSA-2012:1541 http://rhn.redhat.com/errata/RHSA-2012-1541.html http://secunia.com/advisories/48898 SuSE Security Announcement: SUSE-SU-2012:0554 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html SuSE Security Announcement: openSUSE-SU-2013:0925 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html Common Vulnerability Exposure (CVE) ID: CVE-2012-1601 Debian Security Information: DSA-2469 (Google Search) http://www.debian.org/security/2012/dsa-2469 http://www.openwall.com/lists/oss-security/2012/03/30/1 RedHat Security Advisories: RHSA-2012:0571 http://rhn.redhat.com/errata/RHSA-2012-0571.html RedHat Security Advisories: RHSA-2012:0676 http://rhn.redhat.com/errata/RHSA-2012-0676.html http://www.securitytracker.com/id?1026897 http://secunia.com/advisories/49928 SuSE Security Announcement: SUSE-SU-2012:1679 (Google Search) https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2121 http://www.openwall.com/lists/oss-security/2012/04/19/16 RedHat Security Advisories: RHSA-2012:0743 http://rhn.redhat.com/errata/RHSA-2012-0743.html http://www.securitytracker.com/id?1027083 http://secunia.com/advisories/50732 http://www.ubuntu.com/usn/USN-1577-1 http://www.ubuntu.com/usn/USN-2036-1 http://www.ubuntu.com/usn/USN-2037-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-2123 BugTraq ID: 53166 http://www.securityfocus.com/bid/53166 http://www.openwall.com/lists/oss-security/2012/04/20/6 RedHat Security Advisories: RHSA-2012:0670 http://rhn.redhat.com/errata/RHSA-2012-0670.html http://www.securitytracker.com/id?1027072 XForce ISS Database: linux-kernel-fcaps-sec-bypass(75043) https://exchange.xforce.ibmcloud.com/vulnerabilities/75043 Common Vulnerability Exposure (CVE) ID: CVE-2012-2133 BugTraq ID: 53233 http://www.securityfocus.com/bid/53233 http://www.openwall.com/lists/oss-security/2012/04/24/12 SuSE Security Announcement: SUSE-SU-2012:0616 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html XForce ISS Database: linux-kernel-hugepages-dos(75168) https://exchange.xforce.ibmcloud.com/vulnerabilities/75168
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.