Test Kennung:	1.3.6.1.4.1.25623.1.0.55136
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2005:551
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2005:551. The Linux kernel handles the basic functions of the operating system. This is a kernel maintenance update to Red Hat Enterprise Linux 2.1. The following security issues are corrected: A flaw between execve() syscall handling and core dumping of ELF-format executables allowed local unprivileged users to cause a denial of service (system crash) or possibly gain privileges. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-1263 to this issue. A flaw in ptrace for Itanium architectures was discovered. A local user could use this flaw to cause a denial of service (crash) or possibly gain privileges. (CVE-2005-1761) A race condition in the ia32 compatibility code for the execve system call was discovered. A local user could use this flaw to cause a denial of service (kernel panic) or possibly gain privileges. (CVE-2005-1768) A flaw when freeing a pointer in load_elf_library was discovered. A local user could potentially use this flaw to cause a denial of service (crash). (CVE-2005-0749) The Direct Rendering Manager (DRM) driver did not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) or possibly modify the video output. (CVE-2004-1056) A flaw in the moxa serial driver could allow a local user to perform privileged operations such as replacing the firmware. (CVE-2005-0504) The following bug fixes were also made: - - busy inodes after unmount error on NFS volumes - - Establish 64-bit limits even for 32-bit threads - - Fix a race condition in __get_lease - - Fix error in IDE disk accounting. This last fix causes IO accounting to occur only on READ and WRITE operations. This fixes several bugs in various accounting and statistic utilities. - - Fix kswapd/dquot deadlock bug - - Fix loop control bug in do_shmem_file_read All Red Hat Enterprise Linux 2.1 Itanium users are advised to upgrade their kernels to the packages associated with their machine configurations as listed in this erratum. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-551.html Risk factor : High CVSS Score: 7.2
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0504 BugTraq ID: 12195 http://www.securityfocus.com/bid/12195 Debian Security Information: DSA-1067 (Google Search) http://www.debian.org/security/2006/dsa-1067 Debian Security Information: DSA-1069 (Google Search) http://www.debian.org/security/2006/dsa-1069 Debian Security Information: DSA-1070 (Google Search) http://www.debian.org/security/2006/dsa-1070 Debian Security Information: DSA-1082 (Google Search) http://www.debian.org/security/2006/dsa-1082 http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9770 http://www.redhat.com/support/errata/RHSA-2005-529.html http://www.redhat.com/support/errata/RHSA-2005-551.html http://www.redhat.com/support/errata/RHSA-2005-663.html http://www.redhat.com/support/errata/RHSA-2008-0237.html http://securitytracker.com/id?1013273 http://secunia.com/advisories/17002 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://secunia.com/advisories/26651 http://secunia.com/advisories/30112 http://www.ubuntu.com/usn/usn-508-1 http://www.vupen.com/english/advisories/2005/1878 Common Vulnerability Exposure (CVE) ID: CVE-2005-0749 BugTraq ID: 12935 http://www.securityfocus.com/bid/12935 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10640 http://www.redhat.com/support/errata/RHSA-2005-293.html http://www.redhat.com/support/errata/RHSA-2005-366.html http://secunia.com/advisories/14713/ http://secunia.com/advisories/19607 SGI Security Advisory: 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U https://usn.ubuntu.com/103-1/ XForce ISS Database: kernel-loadelflibrary-dos(19867) https://exchange.xforce.ibmcloud.com/vulnerabilities/19867 Common Vulnerability Exposure (CVE) ID: CVE-2005-1263 BugTraq ID: 13589 http://www.securityfocus.com/bid/13589 Bugtraq: 20050511 Linux kernel ELF core dump privilege elevation (Google Search) http://www.securityfocus.com/archive/1/397966 http://www.securityfocus.com/archive/1/428028/100/0/threaded http://www.securityfocus.com/archive/1/428058/100/0/threaded http://www.securityfocus.com/archive/1/427980/100/0/threaded http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10909 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1122 http://www.redhat.com/support/errata/RHSA-2005-472.html http://secunia.com/advisories/19185 http://www.vupen.com/english/advisories/2005/0524 Common Vulnerability Exposure (CVE) ID: CVE-2005-1768 BugTraq ID: 14205 http://www.securityfocus.com/bid/14205 Bugtraq: 20050711 [ Suresec Advisories ] - Linux kernel ia32 compatibility (ia64/x86-64) (Google Search) http://marc.info/?l=bugtraq&m=112110120216116&w=2 Debian Security Information: DSA-921 (Google Search) http://www.debian.org/security/2005/dsa-921 http://www.suresec.org/advisories/adv4.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11117 http://securitytracker.com/id?1014442 http://secunia.com/advisories/15980 http://secunia.com/advisories/18059 SuSE Security Announcement: SUSE-SA:2005:044 (Google Search) http://www.novell.com/linux/security/advisories/2005_44_kernel.html Common Vulnerability Exposure (CVE) ID: CVE-2005-1761 BugTraq ID: 14051 http://www.securityfocus.com/bid/14051 Debian Security Information: DSA-1018 (Google Search) http://www.debian.org/security/2006/dsa-1018 Debian Security Information: DSA-922 (Google Search) http://www.debian.org/security/2005/dsa-922 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487 http://www.redhat.com/support/errata/RHSA-2005-514.html http://securitytracker.com/id?1014275 http://secunia.com/advisories/17073 http://secunia.com/advisories/18056 http://secunia.com/advisories/19369 Common Vulnerability Exposure (CVE) ID: CVE-2004-1056 https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9795 http://www.redhat.com/support/errata/RHSA-2005-092.html https://www.ubuntu.com/usn/usn-38-1/ XForce ISS Database: linux-i810-dma-dos(15972) https://exchange.xforce.ibmcloud.com/vulnerabilities/15972
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.