Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2010-3904
Beschreibung:The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.68515   1.3.6.1.4.1.25623.1.0.68309   1.3.6.1.4.1.25623.1.0.68355   1.3.6.1.4.1.25623.1.0.122303   1.3.6.1.4.1.25623.1.0.880640  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2010-3904
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/520102/100/0/threaded
CERT/CC vulnerability note: VU#362983
http://www.kb.cert.org/vuls/id/362983
https://www.exploit-db.com/exploits/44677/
http://packetstormsecurity.com/files/155751/vReliable-Datagram-Sockets-RDS-rds_page_copy_user-Privilege-Escalation.html
http://www.vsecurity.com/download/tools/linux-rds-exploit.c
http://www.vsecurity.com/resources/advisory/20101019-1/
RedHat Security Advisories: RHSA-2010:0792
http://www.redhat.com/support/errata/RHSA-2010-0792.html
RedHat Security Advisories: RHSA-2010:0842
http://www.redhat.com/support/errata/RHSA-2010-0842.html
http://securitytracker.com/id?1024613
http://secunia.com/advisories/46397
SuSE Security Announcement: SUSE-SA:2010:053 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html
SuSE Security Announcement: SUSE-SA:2010:057 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html
SuSE Security Announcement: SUSE-SA:2011:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
http://www.ubuntu.com/usn/USN-1000-1
http://www.vupen.com/english/advisories/2011/0298




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.