
Test ID: 1.3.6.1.4.1.25623.1.0.68992
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 2153-1 (linux-2.6)
Summary: The remote host is missing an update to linux-2.6; announced via advisory DSA 2153-1.
Description:
Summary:
The remote host is missing an update to linux-2.6
announced via advisory DSA 2153-1.

Vulnerability Insight:
CVE-2010-0435
Gleb Natapov reported an issue in the KVM subsystem that allows virtual
machines to cause a denial of service of the host machine.

CVE-2010-3699
Keir Fraser provided a fix for an issue in the Xen subsystem.

CVE-2010-4158
Dan Rosenberg discovered an issue in the socket filters subsystem.

CVE-2010-4162
Dan Rosenberg discovered an overflow issue in the block I/O subsystem.

CVE-2010-4163
Dan Rosenberg discovered an issue in the block I/O subsystem.

CVE-2010-4242
Alan Cox reported an issue in the Bluetooth subsystem.

CVE-2010-4243
Brad Spengler reported a denial-of-service issue in the kernel memory
accounting system.

CVE-2010-4248
Oleg Nesterov reported an issue in the POSIX CPU timers subsystem.

CVE-2010-4249
Vegard Nossum reported an issue with the UNIX socket garbage collector.

CVE-2010-4258
Nelson Elhage reported an issue in Linux oops handling.

CVE-2010-4342
Nelson Elhage reported an issue in the econet protocol.

CVE-2010-4346
Tavis Ormandy discovered an issue in the install_special_mapping routine
which allows local users to bypass the mmap_min_addr security restriction.

CVE-2010-4526
Eugene Teo reported a race condition in the Linux SCTP implementation.

CVE-2010-4527
Dan Rosenberg reported two issues in the OSS soundcard driver. Local users
with access to the device (members of group 'audio' on default Debian
installations) may obtain access to sensitive kernel memory or cause a
buffer overflow.

CVE-2010-4529
Dan Rosenberg reported an issue in the Linux kernel IrDA socket
implementation on non-x86 architectures. Local users may be able to gain
access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES
getsockopt call.

CVE-2010-4565
Dan Rosenberg reported an issue in the Linux CAN protocol implementation.
Local users can obtain the address of a kernel heap object which might help
facilitate system exploitation.

CVE-2010-4649
Dan Carpenter reported an issue in the uverb handling of the InfiniBand
subsystem. A potential buffer overflow may allow local users to cause a
denial of service (memory corruption) by passing in a large cmd.ne value.

CVE-2010-4656
Kees Cook reported an issue in the driver for I/O-Warrior USB devices.
Local users with access to these devices may be able to overrun kernel
buffers, resulting in a denial of service or privilege escalation.

CVE-2010-4668
Dan Rosenberg reported an issue in the block subsystem. A local user can
cause a denial of service (kernel panic) by submitting certain 0-length I/O
requests.

CVE-2011-0521
Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local
users can pass a negative info->num value, corrupting kernel memory and
causing a denial of service.

For the stable distribution (lenny), this problem has been fixed in
version 2.6.26-26lenny2.

Solution:
We recommend that you upgrade your system to version '2.6.26-26lenny2' or later.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-0435
RedHat Security Advisories: RHSA-2010:0622
https://rhn.redhat.com/errata/RHSA-2010-0622.html
RedHat Security Advisories: RHSA-2010:0627
https://rhn.redhat.com/errata/RHSA-2010-0627.html
http://secunia.com/advisories/42778
SuSE Security Announcement: SUSE-SA:2011:001
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
http://www.vupen.com/english/advisories/2011/0012
Common Vulnerability Exposure (CVE) ID: CVE-2010-3699
BugTraq ID: 45039
http://www.securityfocus.com/bid/45039
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.securitytracker.com/id?1024786
http://secunia.com/advisories/42372
http://secunia.com/advisories/42789
http://secunia.com/advisories/43056
http://secunia.com/advisories/46397
SuSE Security Announcement: SUSE-SA:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
http://www.vupen.com/english/advisories/2011/0024
http://www.vupen.com/english/advisories/2011/0213
Common Vulnerability Exposure (CVE) ID: CVE-2010-4158
BugTraq ID: 44758
http://www.securityfocus.com/bid/44758
Bugtraq: 20101109 Kernel 0-day
http://www.securityfocus.com/archive/1/514705
Bugtraq: 20101118 Re: Kernel 0-day
http://www.securityfocus.com/archive/1/514845
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
http://www.spinics.net/lists/netdev/msg146361.html
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://www.redhat.com/support/errata/RHSA-2011-0017.html
http://www.redhat.com/support/errata/RHSA-2011-0162.html
http://secunia.com/advisories/42745
http://secunia.com/advisories/42801
http://secunia.com/advisories/42884
http://secunia.com/advisories/42890
http://secunia.com/advisories/42932
http://secunia.com/advisories/42963
http://secunia.com/advisories/43291
SuSE Security Announcement: SUSE-SA:2010:060
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
SuSE Security Announcement: SUSE-SA:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
SuSE Security Announcement: SUSE-SA:2011:004
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
SuSE Security Announcement: SUSE-SA:2011:007
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
SuSE Security Announcement: SUSE-SA:2011:008
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
http://www.vupen.com/english/advisories/2010/3321
http://www.vupen.com/english/advisories/2011/0124
http://www.vupen.com/english/advisories/2011/0168
http://www.vupen.com/english/advisories/2011/0298
http://www.vupen.com/english/advisories/2011/0375
Common Vulnerability Exposure (CVE) ID: CVE-2010-4162
BugTraq ID: 44793
http://www.securityfocus.com/bid/44793
http://openwall.com/lists/oss-security/2010/11/10/18
http://openwall.com/lists/oss-security/2010/11/12/2
Common Vulnerability Exposure (CVE) ID: CVE-2010-4163
http://openwall.com/lists/oss-security/2010/11/29/1
Common Vulnerability Exposure (CVE) ID: CVE-2010-4242
BugTraq ID: 45014
http://www.securityfocus.com/bid/45014
http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/
https://lkml.org/lkml/2010/10/7/255
XForce ISS Database: kernel-hciuartttyopen-dos(64617)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64617
Common Vulnerability Exposure (CVE) ID: CVE-2010-4243
BugTraq ID: 45004
http://www.securityfocus.com/bid/45004
http://www.exploit-db.com/exploits/15619
http://grsecurity.net/~spender/64bit_dos.c
http://lkml.org/lkml/2010/8/27/429
http://lkml.org/lkml/2010/8/29/206
http://lkml.org/lkml/2010/8/30/138
http://lkml.org/lkml/2010/8/30/378
http://linux.derkeiler.com/Mailing-Lists/Kernel/2010-11/msg13278.html
http://openwall.com/lists/oss-security/2010/11/22/6
http://openwall.com/lists/oss-security/2010/11/22/15
XForce ISS Database: linux-kernel-execve-dos(64700)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64700
Common Vulnerability Exposure (CVE) ID: CVE-2010-4248
BugTraq ID: 45028
http://www.securityfocus.com/bid/45028
http://www.openwall.com/lists/oss-security/2010/11/23/2
http://www.openwall.com/lists/oss-security/2010/11/24/9
Common Vulnerability Exposure (CVE) ID: CVE-2010-4249
BugTraq ID: 45037
http://www.securityfocus.com/bid/45037
http://www.exploit-db.com/exploits/15622/
http://lkml.org/lkml/2010/11/23/395
http://lkml.org/lkml/2010/11/23/450
http://lkml.org/lkml/2010/11/25/8
http://marc.info/?l=linux-netdev&m=129059035929046&w=2
http://www.openwall.com/lists/oss-security/2010/11/24/2
http://www.openwall.com/lists/oss-security/2010/11/24/10
http://secunia.com/advisories/42354
Common Vulnerability Exposure (CVE) ID: CVE-2010-4258
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html
http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/
https://lkml.org/lkml/2010/12/1/543
http://marc.info/?l=linux-kernel&m=129117048916957&w=2
http://openwall.com/lists/oss-security/2010/12/02/2
http://openwall.com/lists/oss-security/2010/12/02/7
http://openwall.com/lists/oss-security/2010/12/02/4
http://openwall.com/lists/oss-security/2010/12/02/3
http://openwall.com/lists/oss-security/2010/12/08/4
http://openwall.com/lists/oss-security/2010/12/08/5
http://openwall.com/lists/oss-security/2010/12/08/9
http://openwall.com/lists/oss-security/2010/12/09/14
http://openwall.com/lists/oss-security/2010/12/09/4
Common Vulnerability Exposure (CVE) ID: CVE-2010-4342
BugTraq ID: 45321
http://www.securityfocus.com/bid/45321
http://marc.info/?l=linux-netdev&m=129185496013580&w=2
http://marc.info/?l=linux-netdev&m=129186011218615&w=2
http://openwall.com/lists/oss-security/2010/12/09/1
http://openwall.com/lists/oss-security/2010/12/09/2
Common Vulnerability Exposure (CVE) ID: CVE-2010-4346
BugTraq ID: 45323
http://www.securityfocus.com/bid/45323
https://lkml.org/lkml/2010/12/9/222
http://openwall.com/lists/oss-security/2010/12/09/13
http://openwall.com/lists/oss-security/2010/12/09/12
http://openwall.com/lists/oss-security/2010/12/10/3
http://openwall.com/lists/oss-security/2010/12/10/2
http://secunia.com/advisories/42570
Common Vulnerability Exposure (CVE) ID: CVE-2010-4526
BugTraq ID: 45661
http://www.securityfocus.com/bid/45661
http://www.openwall.com/lists/oss-security/2011/01/04/3
http://www.openwall.com/lists/oss-security/2011/01/04/13
http://www.redhat.com/support/errata/RHSA-2011-0163.html
http://secunia.com/advisories/42964
http://www.vupen.com/english/advisories/2011/0169
XForce ISS Database: kernel-icmp-message-dos(64616)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64616
Common Vulnerability Exposure (CVE) ID: CVE-2010-4527
BugTraq ID: 45629
http://www.securityfocus.com/bid/45629
http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/
http://openwall.com/lists/oss-security/2010/12/31/1
http://openwall.com/lists/oss-security/2010/12/31/4
http://secunia.com/advisories/42765
Common Vulnerability Exposure (CVE) ID: CVE-2010-4529
BugTraq ID: 45556
http://www.securityfocus.com/bid/45556
http://www.spinics.net/lists/netdev/msg150842.html
http://openwall.com/lists/oss-security/2010/12/23/1
http://openwall.com/lists/oss-security/2011/01/03/1
http://secunia.com/advisories/42684
Common Vulnerability Exposure (CVE) ID: CVE-2010-4565
BugTraq ID: 44661
http://www.securityfocus.com/bid/44661
https://bugzilla.redhat.com/show_bug.cgi?id=664544
http://www.spinics.net/lists/netdev/msg145796.html
http://www.spinics.net/lists/netdev/msg145791.html
http://www.spinics.net/lists/netdev/msg146270.html
http://www.spinics.net/lists/netdev/msg146468.html
http://openwall.com/lists/oss-security/2010/11/03/3
http://openwall.com/lists/oss-security/2010/11/04/4
http://openwall.com/lists/oss-security/2010/12/20/2
http://openwall.com/lists/oss-security/2010/12/21/1
Common Vulnerability Exposure (CVE) ID: CVE-2010-4649
BugTraq ID: 46073
http://www.securityfocus.com/bid/46073
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-4656
BugTraq ID: 46069
http://www.securityfocus.com/bid/46069
http://openwall.com/lists/oss-security/2011/01/24/9
http://openwall.com/lists/oss-security/2011/01/25/3
http://openwall.com/lists/oss-security/2011/01/25/4
http://www.ubuntu.com/usn/USN-1146-1
Common Vulnerability Exposure (CVE) ID: CVE-2010-4668
BugTraq ID: 45660
http://www.securityfocus.com/bid/45660
http://lkml.org/lkml/2010/11/29/70
http://lkml.org/lkml/2010/11/29/68
http://openwall.com/lists/oss-security/2010/11/30/4
http://openwall.com/lists/oss-security/2010/11/30/7
XForce ISS Database: linux-blkrqmapuseriov-dos(64496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64496
Common Vulnerability Exposure (CVE) ID: CVE-2011-0521
BugTraq ID: 45986
http://www.securityfocus.com/bid/45986
http://openwall.com/lists/oss-security/2011/01/24/2
http://openwall.com/lists/oss-security/2011/01/25/2
http://www.securitytracker.com/id?1025195
http://secunia.com/advisories/43009
XForce ISS Database: kernel-av7110ca-privilege-escalation(64988)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64988
Copyright: Copyright (C) 2011 E-Soft Inc. http://www.securityspace.com
