Anfälligkeitssuche        Suche in 191973 CVE Beschreibungen
und 86218 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.71918
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2011:1253
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing updates announced in
advisory RHSA-2011:1253.

Security fixes:

* A flaw in the SCTP and DCCP implementations could allow a remote attacker
to cause a denial of service. (CVE-2010-4526, CVE-2011-1770, Important)

* Flaws in the Management Module Support for Message Passing Technology
(MPT) based controllers could allow a local, unprivileged user to cause a
denial of service, an information leak, or escalate their privileges.
(CVE-2011-1494, CVE-2011-1495, Important)

* Flaws in the AGPGART driver, and a flaw in agp_allocate_memory(), could
allow a local user to cause a denial of service or escalate their
privileges. (CVE-2011-1745, CVE-2011-2022, CVE-2011-1746, Important)

* A flaw in the client-side NLM implementation could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-2491, Important)

* A flaw in the Bluetooth implementation could allow a remote attacker to
cause a denial of service or escalate their privileges. (CVE-2011-2497,
Important)

* Flaws in the netlink-based wireless configuration interface could allow a
local user, who has the CAP_NET_ADMIN capability, to cause a denial of
service or escalate their privileges on systems that have an active
wireless interface. (CVE-2011-2517, Important)

* The maximum file offset handling for ext4 file systems could allow a
local, unprivileged user to cause a denial of service. (CVE-2011-2695,
Important)

* A local, unprivileged user could allocate large amounts of memory not
visible to the OOM killer, causing a denial of service. (CVE-2010-4243,
Moderate)

* The proc file system could allow a local, unprivileged user to obtain
sensitive information or possibly cause integrity issues. (CVE-2011-1020,
Moderate)

* A local, privileged user could possibly write arbitrary kernel memory via
/sys/kernel/debug/acpi/custom_method. (CVE-2011-1021, Moderate)

* Inconsistency in the methods for allocating and freeing NFSv4 ACL data

CVE-2010-4250 fix caused a regression
a flaw in next_pidmap() and
inet_diag_bc_audit()
flaws in the CAN implementation
a race condition in
the memory merging support
a flaw in the taskstats subsystem
and the way
mapping expansions were handled could allow a local, unprivileged user to
cause a denial of service. (CVE-2011-1090, CVE-2011-1479, CVE-2011-1593,
CVE-2011-2213, CVE-2011-1598, CVE-2011-1748, CVE-2011-2183, CVE-2011-2484,
CVE-2011-2496, Moderate)

* A flaw in GRO could result in a denial of service when a malformed VLAN
frame is received. (CVE-2011-1478, Moderate)

* napi_reuse_skb() could be called on VLAN packets allowing an attacker on
the local network to possibly trigger a denial of service. (CVE-2011-1576,
Moderate)

* A denial of service could occur if packets were received while the ipip
or ip_gre module was being loaded. (CVE-2011-1767, CVE-2011-1768, Moderate)

* Information leaks. (CVE-2011-1160, CVE-2011-2492, CVE-2011-2495, Low)

* Flaws in the EFI GUID Partition Table implementation could allow a local
attacker to cause a denial of service. (CVE-2011-1577, CVE-2011-1776, Low)

* While a user has a CIFS share mounted that required successful
authentication, a local, unprivileged user could mount that share without
knowing the correct password if mount.cifs was setuid root. (CVE-2011-1585,
Low)

Red Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770,
CVE-2011-1494, CVE-2011-1495, CVE-2011-2497, and CVE-2011-2213
Vasiliy
Kulikov of Openwall for reporting CVE-2011-1745, CVE-2011-2022,
CVE-2011-1746, CVE-2011-2484, and CVE-2011-2495
Vasily Averin for
reporting CVE-2011-2491
Brad Spengler for reporting CVE-2010-4243
Kees
Cook for reporting CVE-2011-1020
Robert Swiecki for reporting
CVE-2011-1593 and CVE-2011-2496
Oliver Hartkopp for reporting
CVE-2011-1748
Andrea Righi for reporting CVE-2011-2183
Ryan Sweat for
reporting CVE-2011-1478 and CVE-2011-1576
Peter Huewe for reporting
CVE-2011-1160
Marek Kroemeke and Filip Palian for reporting CVE-2011-2492

and Timo Warns for reporting CVE-2011-1577 and CVE-2011-1776.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-1253.html

Risk factor : High

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-4243
BugTraq ID: 45004
http://www.securityfocus.com/bid/45004
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.exploit-db.com/exploits/15619
http://grsecurity.net/~spender/64bit_dos.c
http://lkml.org/lkml/2010/8/27/429
http://lkml.org/lkml/2010/8/29/206
http://lkml.org/lkml/2010/8/30/138
http://lkml.org/lkml/2010/8/30/378
http://linux.derkeiler.com/Mailing-Lists/Kernel/2010-11/msg13278.html
http://openwall.com/lists/oss-security/2010/11/22/6
http://openwall.com/lists/oss-security/2010/11/22/15
http://www.redhat.com/support/errata/RHSA-2011-0017.html
http://secunia.com/advisories/42884
http://secunia.com/advisories/46397
XForce ISS Database: linux-kernel-execve-dos(64700)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64700
Common Vulnerability Exposure (CVE) ID: CVE-2010-4526
BugTraq ID: 45661
http://www.securityfocus.com/bid/45661
http://www.openwall.com/lists/oss-security/2011/01/04/3
http://www.openwall.com/lists/oss-security/2011/01/04/13
http://www.redhat.com/support/errata/RHSA-2011-0163.html
http://secunia.com/advisories/42964
http://www.vupen.com/english/advisories/2011/0169
XForce ISS Database: kernel-icmp-message-dos(64616)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64616
Common Vulnerability Exposure (CVE) ID: CVE-2011-1020
BugTraq ID: 46567
http://www.securityfocus.com/bid/46567
http://seclists.org/fulldisclosure/2011/Jan/421
http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/
https://lkml.org/lkml/2011/2/7/414
https://lkml.org/lkml/2011/2/7/474
https://lkml.org/lkml/2011/2/7/368
https://lkml.org/lkml/2011/2/7/404
https://lkml.org/lkml/2011/2/7/466
https://lkml.org/lkml/2011/2/10/21
https://lkml.org/lkml/2011/2/9/417
http://openwall.com/lists/oss-security/2011/02/24/18
http://openwall.com/lists/oss-security/2011/02/25/2
http://secunia.com/advisories/43496
http://securityreason.com/securityalert/8107
XForce ISS Database: kernel-procpid-security-bypass(65693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65693
Common Vulnerability Exposure (CVE) ID: CVE-2011-1021
http://www.openwall.com/lists/oss-security/2011/02/25/5
Common Vulnerability Exposure (CVE) ID: CVE-2011-1090
http://openwall.com/lists/oss-security/2011/03/07/2
http://openwall.com/lists/oss-security/2011/03/07/12
http://securitytracker.com/id?1025336
SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1160
http://www.openwall.com/lists/oss-security/2011/03/15/13
Common Vulnerability Exposure (CVE) ID: CVE-2011-1478
http://openwall.com/lists/oss-security/2011/03/28/1
http://securityreason.com/securityalert/8480
Common Vulnerability Exposure (CVE) ID: CVE-2011-1479
http://www.openwall.com/lists/oss-security/2011/04/11/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-1494
BugTraq ID: 47185
http://www.securityfocus.com/bid/47185
http://lkml.org/lkml/2011/4/5/327
http://openwall.com/lists/oss-security/2011/04/05/32
http://openwall.com/lists/oss-security/2011/04/06/2
RedHat Security Advisories: RHSA-2011:0833
http://rhn.redhat.com/errata/RHSA-2011-0833.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-1495
Common Vulnerability Exposure (CVE) ID: CVE-2011-1576
BugTraq ID: 48907
http://www.securityfocus.com/bid/48907
RedHat Security Advisories: RHSA-2011:0927
http://rhn.redhat.com/errata/RHSA-2011-0927.html
http://www.redhat.com/support/errata/RHSA-2011-1090.html
http://www.redhat.com/support/errata/RHSA-2011-1106.html
http://www.securitytracker.com/id?1025853
Common Vulnerability Exposure (CVE) ID: CVE-2011-1577
BugTraq ID: 47343
http://www.securityfocus.com/bid/47343
Bugtraq: 20110413 [PRE-SA-2011-03] Denial-of-service vulnerability in EFI partition handling code of the Linux kernel (Google Search)
http://www.securityfocus.com/archive/1/517477/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html
http://www.spinics.net/lists/mm-commits/msg83274.html
http://openwall.com/lists/oss-security/2011/04/12/17
http://openwall.com/lists/oss-security/2011/04/13/1
http://securitytracker.com/id?1025355
http://securityreason.com/securityalert/8238
XForce ISS Database: kernel-guid-dos(66773)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66773
Common Vulnerability Exposure (CVE) ID: CVE-2011-1585
http://www.openwall.com/lists/oss-security/2011/04/15/8
Common Vulnerability Exposure (CVE) ID: CVE-2011-1593
BugTraq ID: 47497
http://www.securityfocus.com/bid/47497
http://groups.google.com/group/fa.linux.kernel/msg/4a28ecb7f755a88d?dmode=source
http://openwall.com/lists/oss-security/2011/04/19/1
http://openwall.com/lists/oss-security/2011/04/20/1
http://securitytracker.com/id?1025420
http://secunia.com/advisories/44164
http://www.ubuntu.com/usn/USN-1146-1
XForce ISS Database: kernel-nextpidmap-dos(66876)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66876
Common Vulnerability Exposure (CVE) ID: CVE-2011-1598
BugTraq ID: 47503
http://www.securityfocus.com/bid/47503
http://permalink.gmane.org/gmane.linux.network/192898
http://openwall.com/lists/oss-security/2011/04/20/2
http://openwall.com/lists/oss-security/2011/04/20/6
http://openwall.com/lists/oss-security/2011/04/20/7
http://openwall.com/lists/oss-security/2011/04/21/1
http://openwall.com/lists/oss-security/2011/04/21/2
http://openwall.com/lists/oss-security/2011/04/21/7
http://openwall.com/lists/oss-security/2011/04/22/2
http://openwall.com/lists/oss-security/2011/04/25/4
Common Vulnerability Exposure (CVE) ID: CVE-2011-1745
BugTraq ID: 47534
http://www.securityfocus.com/bid/47534
https://lkml.org/lkml/2011/4/14/293
http://openwall.com/lists/oss-security/2011/04/21/4
http://openwall.com/lists/oss-security/2011/04/22/7
Common Vulnerability Exposure (CVE) ID: CVE-2011-1746
BugTraq ID: 47535
http://www.securityfocus.com/bid/47535
https://lkml.org/lkml/2011/4/14/294
https://lkml.org/lkml/2011/4/19/400
Common Vulnerability Exposure (CVE) ID: CVE-2011-1748
BugTraq ID: 47835
http://www.securityfocus.com/bid/47835
http://permalink.gmane.org/gmane.linux.network/192974
Common Vulnerability Exposure (CVE) ID: CVE-2011-1767
http://www.openwall.com/lists/oss-security/2011/05/05/6
Common Vulnerability Exposure (CVE) ID: CVE-2011-1768
Common Vulnerability Exposure (CVE) ID: CVE-2011-1770
BugTraq ID: 47769
http://www.securityfocus.com/bid/47769
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html
http://marc.info/?l=linux-kernel&m=130469305815140&w=2
http://marc.info/?l=linux-kernel&m=130468845209036&w=2
http://www.securitytracker.com/id?1025592
http://secunia.com/advisories/44932
http://securityreason.com/securityalert/8286
Common Vulnerability Exposure (CVE) ID: CVE-2011-1776
BugTraq ID: 47796
http://www.securityfocus.com/bid/47796
http://www.pre-cert.de/advisories/PRE-SA-2011-04.txt
http://openwall.com/lists/oss-security/2011/05/10/4
http://securityreason.com/securityalert/8369
Common Vulnerability Exposure (CVE) ID: CVE-2011-2022
BugTraq ID: 47843
http://www.securityfocus.com/bid/47843
Common Vulnerability Exposure (CVE) ID: CVE-2011-2183
http://www.openwall.com/lists/oss-security/2011/06/06/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2213
HPdes Security Advisory: HPSBGN02970
http://marc.info/?l=bugtraq&m=139447903326211&w=2
http://article.gmane.org/gmane.linux.network/197208
http://article.gmane.org/gmane.linux.network/197206
http://article.gmane.org/gmane.linux.network/197386
http://article.gmane.org/gmane.linux.network/198809
http://www.openwall.com/lists/oss-security/2011/06/20/1
http://www.openwall.com/lists/oss-security/2011/06/20/13
http://www.openwall.com/lists/oss-security/2011/06/20/16
Common Vulnerability Exposure (CVE) ID: CVE-2011-2484
BugTraq ID: 48383
http://www.securityfocus.com/bid/48383
https://bugzilla.redhat.com/show_bug.cgi?id=715436
http://lists.openwall.net/linux-kernel/2011/06/16/605
http://openwall.com/lists/oss-security/2011/06/22/1
http://openwall.com/lists/oss-security/2011/06/22/2
XForce ISS Database: kernel-taskstats-dos(68150)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68150
Common Vulnerability Exposure (CVE) ID: CVE-2011-2491
http://www.openwall.com/lists/oss-security/2011/06/23/6
RedHat Security Advisories: RHSA-2011:1212
http://rhn.redhat.com/errata/RHSA-2011-1212.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2492
http://permalink.gmane.org/gmane.linux.bluez.kernel/12909
http://www.openwall.com/lists/oss-security/2011/06/24/2
http://www.openwall.com/lists/oss-security/2011/06/24/3
http://securitytracker.com/id?1025778
Common Vulnerability Exposure (CVE) ID: CVE-2011-2495
http://www.openwall.com/lists/oss-security/2011/06/27/1
Common Vulnerability Exposure (CVE) ID: CVE-2011-2496
http://www.openwall.com/lists/oss-security/2011/06/27/2
Common Vulnerability Exposure (CVE) ID: CVE-2011-2497
BugTraq ID: 48472
http://www.securityfocus.com/bid/48472
http://marc.info/?l=linux-kernel&m=130891911909436&w=2
http://www.openwall.com/lists/oss-security/2011/06/24/9
http://www.openwall.com/lists/oss-security/2011/06/27/3
http://www.osvdb.org/74679
http://securityreason.com/securityalert/8359
Common Vulnerability Exposure (CVE) ID: CVE-2011-2517
http://www.openwall.com/lists/oss-security/2011/07/01/4
Common Vulnerability Exposure (CVE) ID: CVE-2011-2695
http://www.spinics.net/lists/linux-ext4/msg25697.html
http://www.openwall.com/lists/oss-security/2011/07/15/7
http://www.openwall.com/lists/oss-security/2011/07/15/8
http://secunia.com/advisories/45193
Common Vulnerability Exposure (CVE) ID: CVE-2010-4250
http://www.openwall.com/lists/oss-security/2010/11/24/11
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 86218 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.