 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.71011 |
| Kategorie: | Ubuntu Local Security Checks |
| Titel: | Ubuntu USN-1279-1 (linux-image-2.6.38-13-generic) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to linux-image-2.6.38-13-generic announced via advisory USN-1279-1. Details: Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2183) Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. (CVE-2011-2491) Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494) Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2495) It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. (CVE-2011-2517) Christian Ohm discovered that the perf command looks for configuration files in the current directory. If a privileged user were tricked into running perf in a directory containing a malicious configuration file, an attacker could run arbitrary commands and possibly gain privileges. (CVE-2011-2905) Vasiliy Kulikov discovered that the Comedi driver did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-2909) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: linux-image-2.6.38-13-generic 2.6.38-13.52~ lucid1 linux-image-2.6.38-13-generic-pae 2.6.38-13.52~ lucid1 linux-image-2.6.38-13-server 2.6.38-13.52~ lucid1 linux-image-2.6.38-13-virtual 2.6.38-13.52~ lucid1 http://www.securityspace.com/smysecure/catid.html?in=USN-1279-1 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2183 http://www.openwall.com/lists/oss-security/2011/06/06/1 Common Vulnerability Exposure (CVE) ID: CVE-2011-2491 http://www.openwall.com/lists/oss-security/2011/06/23/6 RedHat Security Advisories: RHSA-2011:1212 http://rhn.redhat.com/errata/RHSA-2011-1212.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2494 http://www.openwall.com/lists/oss-security/2011/06/27/1 http://secunia.com/advisories/48898 SuSE Security Announcement: SUSE-SU-2012:0554 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2495 Common Vulnerability Exposure (CVE) ID: CVE-2011-2517 http://www.openwall.com/lists/oss-security/2011/07/01/4 Common Vulnerability Exposure (CVE) ID: CVE-2011-2905 http://www.openwall.com/lists/oss-security/2011/08/09/6 Common Vulnerability Exposure (CVE) ID: CVE-2011-2909 http://www.openwall.com/lists/oss-security/2011/08/12/1 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |