CVE Kennung:	CVE-2007-3848
Beschreibung:	Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).
Test Kennungen:	1.3.6.1.4.1.25623.1.0.59600   1.3.6.1.4.1.25623.1.0.59701
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3848 BugTraq ID: 25387 http://www.securityfocus.com/bid/25387 Bugtraq: 20070814 COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/476464/100/0/threaded Bugtraq: 20070814 COSEINC Linux Advisory #1: Linux Kernel Parent Process DeathSignal Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=118711306802632&w=2 Bugtraq: 20070814 Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/476538/100/0/threaded Bugtraq: 20070815 Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/476677/100/0/threaded Bugtraq: 20070816 Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/476803/100/0/threaded Debian Security Information: DSA-1356 (Google Search) http://www.debian.org/security/2007/dsa-1356 Debian Security Information: DSA-1503 (Google Search) http://www.debian.org/security/2008/dsa-1503 Debian Security Information: DSA-1504 (Google Search) http://www.debian.org/security/2008/dsa-1504 http://www.mandriva.com/security/advisories?name=MDKSA-2007:195 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3848 http://marc.info/?l=openwall-announce&m=118710356812637&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10120 RedHat Security Advisories: RHSA-2007:0939 http://www.redhat.com/support/errata/RHSA-2007-0939.html RedHat Security Advisories: RHSA-2007:0940 http://www.redhat.com/support/errata/RHSA-2007-0940.html RedHat Security Advisories: RHSA-2007:1049 http://www.redhat.com/support/errata/RHSA-2007-1049.html RedHat Security Advisories: RHSA-2008:0787 http://www.redhat.com/support/errata/RHSA-2008-0787.html http://secunia.com/advisories/26450 http://secunia.com/advisories/26500 http://secunia.com/advisories/26643 http://secunia.com/advisories/26651 http://secunia.com/advisories/26664 http://secunia.com/advisories/27212 http://secunia.com/advisories/27227 http://secunia.com/advisories/27322 http://secunia.com/advisories/27436 http://secunia.com/advisories/27747 http://secunia.com/advisories/27913 http://secunia.com/advisories/28806 http://secunia.com/advisories/29058 http://secunia.com/advisories/29570 http://secunia.com/advisories/33280 SuSE Security Announcement: SUSE-SA:2007:053 (Google Search) http://www.novell.com/linux/security/advisories/2007_53_kernel.html SuSE Security Announcement: SUSE-SA:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html SuSE Security Announcement: SUSE-SA:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html http://www.ubuntu.com/usn/usn-508-1 http://www.ubuntu.com/usn/usn-509-1 http://www.ubuntu.com/usn/usn-510-1