Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.71026
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-1294-1 (linux-image-3.0.0-13-generic)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to linux-image-3.0.0-13-generic
announced via advisory USN-1294-1.

Details:

Peter Huewe discovered an information leak in the handling of reading
security-related TPM data. A local, unprivileged user could read the
results of a previous TPM command. (CVE-2011-1162)

Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)

Qianfeng Zhang discovered that the bridge networking interface incorrectly
handled certain network packets. A remote attacker could exploit this to
crash the system, leading to a denial of service. (CVE-2011-2942)

Yasuaki Ishimatsu discovered a flaw in the kernel's clock implementation. A
local unprivileged attacker could exploit this causing a denial of service.
(CVE-2011-3209)

Zheng Liu discovered a flaw in how the ext4 filesystem splits extents. A
local unprivileged attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2011-3638)

Nick Bowler discovered the kernel GHASH message digest algorithm
incorrectly handled error conditions. A local attacker could exploit this
to cause a kernel oops. (CVE-2011-4081)

Scot Doyle discovered that the bridge networking interface incorrectly
handled certain network packets. A remote attacker could exploit this to
crash the system, leading to a denial of service. (CVE-2011-4087)

A bug was found in the way headroom check was performed in
udp6_ufo_fragment() function. A remote attacker could use this flaw to
crash the system. (CVE-2011-4326)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-3.0.0-13-generic 3.0.0-13.22~
lucid1
linux-image-3.0.0-13-generic-pae 3.0.0-13.22~
lucid1
linux-image-3.0.0-13-server 3.0.0-13.22~
lucid1
linux-image-3.0.0-13-virtual 3.0.0-13.22~
lucid1

http://www.securityspace.com/smysecure/catid.html?in=USN-1294-1

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:NR/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1162
BugTraq ID: 50764
http://www.securityfocus.com/bid/50764
Common Vulnerability Exposure (CVE) ID: CVE-2011-2494
http://www.openwall.com/lists/oss-security/2011/06/27/1
http://secunia.com/advisories/48898
SuSE Security Announcement: SUSE-SU-2012:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2942
http://www.openwall.com/lists/oss-security/2011/10/24/3
Common Vulnerability Exposure (CVE) ID: CVE-2011-3209
Common Vulnerability Exposure (CVE) ID: CVE-2011-3638
http://www.openwall.com/lists/oss-security/2011/10/24/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-4081
http://www.openwall.com/lists/oss-security/2011/10/27/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-4087
http://www.openwall.com/lists/oss-security/2011/10/28/14
Common Vulnerability Exposure (CVE) ID: CVE-2011-4326
BugTraq ID: 50751
http://www.securityfocus.com/bid/50751
http://www.openwall.com/lists/oss-security/2011/11/21/10
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.