English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.71042
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-1311-1 (linux-image-2.6.32-37-386)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to linux-image-2.6.32-37-386
announced via advisory USN-1311-1.

Details:

Peter Huewe discovered an information leak in the handling of reading
security-related TPM data. A local, unprivileged user could read the
results of a previous TPM command. (CVE-2011-1162)

A bug was discovered in the XFS filesystem's handling of pathnames. A local
attacker could exploit this to crash the system, leading to a denial of
service, or gain root privileges. (CVE-2011-4077)

Nick Bowler discovered the kernel GHASH message digest algorithm
incorrectly handled error conditions. A local attacker could exploit this
to cause a kernel oops. (CVE-2011-4081)

A flaw was found in the Journaling Block Device (JBD). A local attacker
able to mount ext3 or ext4 file systems could exploit this to crash the
system, leading to a denial of service. (CVE-2011-4132)

A bug was found in the way headroom check was performed in
udp6_ufo_fragment() function. A remote attacker could use this flaw to
crash the system. (CVE-2011-4326)

Clement Lecigne discovered a bug in the HFS file system bounds checking.
When a malformed HFS file system is mounted a local user could crash the
system or gain root privileges. (CVE-2011-4330)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-37-386 2.6.32-37.81
linux-image-2.6.32-37-generic 2.6.32-37.81
linux-image-2.6.32-37-generic-pae 2.6.32-37.81
linux-image-2.6.32-37-ia64 2.6.32-37.81
linux-image-2.6.32-37-lpia 2.6.32-37.81
linux-image-2.6.32-37-powerpc 2.6.32-37.81
linux-image-2.6.32-37-powerpc-smp 2.6.32-37.81
linux-image-2.6.32-37-powerpc64-smp 2.6.32-37.81
linux-image-2.6.32-37-preempt 2.6.32-37.81
linux-image-2.6.32-37-server 2.6.32-37.81
linux-image-2.6.32-37-sparc64 2.6.32-37.81
linux-image-2.6.32-37-sparc64-smp 2.6.32-37.81
linux-image-2.6.32-37-versatile 2.6.32-37.81
linux-image-2.6.32-37-virtual 2.6.32-37.81

http://www.securityspace.com/smysecure/catid.html?in=USN-1311-1

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:NR/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1162
BugTraq ID: 50764
http://www.securityfocus.com/bid/50764
Common Vulnerability Exposure (CVE) ID: CVE-2011-4077
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://xorl.wordpress.com/2011/12/07/cve-2011-4077-linux-kernel-xfs-readlink-memory-corruption/
http://www.openwall.com/lists/oss-security/2011/10/26/1
http://www.openwall.com/lists/oss-security/2011/10/26/3
http://oss.sgi.com/archives/xfs/2011-10/msg00345.html
http://secunia.com/advisories/48964
Common Vulnerability Exposure (CVE) ID: CVE-2011-4081
http://www.openwall.com/lists/oss-security/2011/10/27/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-4132
BugTraq ID: 50663
http://www.securityfocus.com/bid/50663
http://xorl.wordpress.com/2011/12/08/cve-2011-4132-linux-kernel-jbdjbd2-local-dos/
http://www.openwall.com/lists/oss-security/2011/11/11/6
http://www.openwall.com/lists/oss-security/2011/11/13/4
http://securitytracker.com/id?1026325
http://secunia.com/advisories/48898
SuSE Security Announcement: SUSE-SU-2012:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-4326
BugTraq ID: 50751
http://www.securityfocus.com/bid/50751
http://www.openwall.com/lists/oss-security/2011/11/21/10
Common Vulnerability Exposure (CVE) ID: CVE-2011-4330
BugTraq ID: 50750
http://www.securityfocus.com/bid/50750
https://lkml.org/lkml/2011/11/9/303
http://www.openwall.com/lists/oss-security/2011/11/21/14
http://www.openwall.com/lists/oss-security/2011/11/21/5
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.