Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.71033
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-1301-1 (linux-image-2.6.38-13-generic)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to linux-image-2.6.38-13-generic
announced via advisory USN-1301-1.

Details:

A bug was discovered in the XFS filesystem's handling of pathnames. A local
attacker could exploit this to crash the system, leading to a denial of
service, or gain root privileges. (CVE-2011-4077)

Nick Bowler discovered the kernel GHASH message digest algorithm
incorrectly handled error conditions. A local attacker could exploit this
to cause a kernel oops. (CVE-2011-4081)

A flaw was found in the Journaling Block Device (JBD). A local attacker
able to mount ext3 or ext4 file systems could exploit this to crash the
system, leading to a denial of service. (CVE-2011-4132)

Clement Lecigne discovered a bug in the HFS file system bounds checking.
When a malformed HFS file system is mounted a local user could crash the
system or gain root privileges. (CVE-2011-4330)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.38-13-generic 2.6.38-13.53~
lucid1
linux-image-2.6.38-13-generic-pae 2.6.38-13.53~
lucid1
linux-image-2.6.38-13-server 2.6.38-13.53~
lucid1
linux-image-2.6.38-13-virtual 2.6.38-13.53~
lucid1

http://www.securityspace.com/smysecure/catid.html?in=USN-1301-1

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:NR/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-4077
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://xorl.wordpress.com/2011/12/07/cve-2011-4077-linux-kernel-xfs-readlink-memory-corruption/
http://www.openwall.com/lists/oss-security/2011/10/26/1
http://www.openwall.com/lists/oss-security/2011/10/26/3
http://oss.sgi.com/archives/xfs/2011-10/msg00345.html
http://secunia.com/advisories/48964
Common Vulnerability Exposure (CVE) ID: CVE-2011-4081
http://www.openwall.com/lists/oss-security/2011/10/27/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-4132
BugTraq ID: 50663
http://www.securityfocus.com/bid/50663
http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/
http://www.openwall.com/lists/oss-security/2011/11/11/6
http://www.openwall.com/lists/oss-security/2011/11/13/4
http://securitytracker.com/id?1026325
http://secunia.com/advisories/48898
SuSE Security Announcement: SUSE-SU-2012:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-4330
BugTraq ID: 50750
http://www.securityfocus.com/bid/50750
https://lkml.org/lkml/2011/11/9/303
http://www.openwall.com/lists/oss-security/2011/11/21/14
http://www.openwall.com/lists/oss-security/2011/11/21/5
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.