Test Kennung:	1.3.6.1.4.1.25623.1.0.107017
Kategorie:	Denial of Service
Titel:	Greenbone OS - Kernel Denial of Service Vulnerabilities - June 19
Zusammenfassung:	The Kernel in Greenbone OS is prone to multiple denial of service vulnerabilities.
Beschreibung:	Summary: The Kernel in Greenbone OS is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux kernels as used in Greenbone OS. Vulnerability Impact: A remote attacker could use this to cause a denial of service or kernel failure (panic) by: - triggering an integer overflow (CVE-2019-11477) - sending a sequence of specifically crafted selective acknowledgements (SACK), that may cause a fragmented TCP queue (CVE-2019-11478) - making use of the default maximum segment size (MSS), which is hard-coded to 48 bytes. This may cause an increase of fragmented packets (CVE-2019-11479). Affected Software/OS: Greenbone OS prior to version 4.2.29, 4.3.14 or 5.0.3 respectively. Solution: Update to Greenbone OS 4.2.29, 4.3.14 or 5.0.3. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-11477 Common Vulnerability Exposure (CVE) ID: CVE-2019-11478 Common Vulnerability Exposure (CVE) ID: CVE-2019-11479
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.