English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.54283
Kategorie:Trustix Local Security Checks
Titel:Trustix Security Advisory TSLSA-2004-0020 (kernel)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory TSLSA-2004-0020.


CVE-2004-0109:
zen-parse discovered a buffer overflow vulnerability in the
ISO9660 filesystem component of Linux kernel which could be abused
by an attacker to gain unauthorised root access. Sebastian
Krahmer and Ernie Petrides developed a correction for this.

CVE-2004-0133:
Usage of not properly initialized memory in the XFS code was
discovered. This lead to an information leakage where some blocks
in the file system would contain old data from the system memory.

CVE-2004-0177:
Usage of not properly initialized memory in the ext3 code was
discovered by Solar Designer of the Openwall project. This lead to
an information leakage where some blocks in the file system would
contain old data from the system memory. This was the first such
vulnerability discovered, and directly lead to XFS and JFS being
checked for this.

CVE-2004-0181:
Usage of not properly initialized memory in the JFS code was
discovered. This lead to an information leakage where some blocks
in the file system would contain old data from the system memory.


Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2004-0020

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2004-0109
BugTraq ID: 10141
http://www.securityfocus.com/bid/10141
Computer Incident Advisory Center Bulletin: O-121
http://www.ciac.org/ciac/bulletins/o-121.shtml
Computer Incident Advisory Center Bulletin: O-127
http://www.ciac.org/ciac/bulletins/o-127.shtml
Conectiva Linux advisory: CLA-2004:846
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
Debian Security Information: DSA-479 (Google Search)
http://www.debian.org/security/2004/dsa-479
Debian Security Information: DSA-480 (Google Search)
http://www.debian.org/security/2004/dsa-480
Debian Security Information: DSA-481 (Google Search)
http://www.debian.org/security/2004/dsa-481
Debian Security Information: DSA-482 (Google Search)
http://www.debian.org/security/2004/dsa-482
Debian Security Information: DSA-489 (Google Search)
http://www.debian.org/security/2004/dsa-489
Debian Security Information: DSA-491 (Google Search)
http://www.debian.org/security/2004/dsa-491
Debian Security Information: DSA-495 (Google Search)
http://www.debian.org/security/2004/dsa-495
En Garde Linux Advisory: ESA-20040428-004
http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html
http://security.gentoo.org/glsa/glsa-200407-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:029
http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10733
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A940
http://www.redhat.com/support/errata/RHSA-2004-105.html
http://www.redhat.com/support/errata/RHSA-2004-106.html
RedHat Security Advisories: RHSA-2004:166
http://rhn.redhat.com/errata/RHSA-2004-166.html
http://www.redhat.com/support/errata/RHSA-2004-183.html
http://secunia.com/advisories/11361
http://secunia.com/advisories/11362
http://secunia.com/advisories/11373
http://secunia.com/advisories/11429
http://secunia.com/advisories/11464
http://secunia.com/advisories/11469
http://secunia.com/advisories/11470
http://secunia.com/advisories/11486
http://secunia.com/advisories/11494
http://secunia.com/advisories/11518
http://secunia.com/advisories/11626
http://secunia.com/advisories/11861
http://secunia.com/advisories/11891
http://secunia.com/advisories/11986
http://secunia.com/advisories/12003
SGI Security Advisory: 20040405-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040405-01-U.asc
SGI Security Advisory: 20040504-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc
SuSE Security Announcement: SuSE-SA:2004:009 (Google Search)
http://www.novell.com/linux/security/advisories/2004_09_kernel.html
http://marc.info/?l=bugtraq&m=108213675028441&w=2
TurboLinux Advisory: TLSA-2004-14
http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
XForce ISS Database: linux-iso9660-bo(15866)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15866
Common Vulnerability Exposure (CVE) ID: CVE-2004-0133
BugTraq ID: 10151
http://www.securityfocus.com/bid/10151
XForce ISS Database: linux-xfs-info-disclosure(15901)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15901
Common Vulnerability Exposure (CVE) ID: CVE-2004-0177
BugTraq ID: 10152
http://www.securityfocus.com/bid/10152
Computer Incident Advisory Center Bulletin: O-126
http://www.ciac.org/ciac/bulletins/o-126.shtml
https://bugzilla.fedora.us/show_bug.cgi?id=2336
http://linux.bkbits.net:8080/linux-2.4/cset@4056b368s6vpJbGWxDD_LhQNYQrdzQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10556
http://www.redhat.com/support/errata/RHSA-2004-504.html
http://www.redhat.com/support/errata/RHSA-2004-505.html
http://www.redhat.com/support/errata/RHSA-2005-293.html
XForce ISS Database: linux-ext3-info-disclosure(15867)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15867
Common Vulnerability Exposure (CVE) ID: CVE-2004-0181
BugTraq ID: 10143
http://www.securityfocus.com/bid/10143
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10329
http://www.redhat.com/support/errata/RHSA-2005-663.html
http://secunia.com/advisories/17002
http://www.vupen.com/english/advisories/2005/1878
XForce ISS Database: linux-jfs-info-disclosure(15902)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15902
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.