Test Kennung:	1.3.6.1.4.1.25623.1.0.840611
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for linux-ec2 vulnerabilities USN-1086-1
Zusammenfassung:	Ubuntu Update for Linux kernel vulnerabilities USN-1086-1
Beschreibung:	Summary: Ubuntu Update for Linux kernel vulnerabilities USN-1086-1 Vulnerability Insight: Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4076, CVE-2010-4077) Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158) Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163) Dan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175) Affected Software/OS: linux-ec2 vulnerabilities on Ubuntu 10.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4076 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d281da7ff6f70efca0553c288bb883e8605b3862 http://lkml.org/lkml/2010/9/15/389 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.openwall.com/lists/oss-security/2010/10/25/3 Common Vulnerability Exposure (CVE) ID: CVE-2010-4077 BugTraq ID: 45059 http://www.securityfocus.com/bid/45059 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html http://www.redhat.com/support/errata/RHSA-2010-0958.html http://www.redhat.com/support/errata/RHSA-2011-0007.html http://secunia.com/advisories/42890 http://securityreason.com/securityalert/8129 Common Vulnerability Exposure (CVE) ID: CVE-2010-4158 BugTraq ID: 44758 http://www.securityfocus.com/bid/44758 Bugtraq: 20101109 Kernel 0-day (Google Search) http://www.securityfocus.com/archive/1/514705 Bugtraq: 20101118 Re: Kernel 0-day (Google Search) http://www.securityfocus.com/archive/1/514845 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://www.securityfocus.com/archive/1/520102/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://www.spinics.net/lists/netdev/msg146361.html http://www.redhat.com/support/errata/RHSA-2011-0017.html http://www.redhat.com/support/errata/RHSA-2011-0162.html http://secunia.com/advisories/42745 http://secunia.com/advisories/42778 http://secunia.com/advisories/42801 http://secunia.com/advisories/42884 http://secunia.com/advisories/42932 http://secunia.com/advisories/42963 http://secunia.com/advisories/43291 http://secunia.com/advisories/46397 SuSE Security Announcement: SUSE-SA:2010:060 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html SuSE Security Announcement: SUSE-SA:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html SuSE Security Announcement: SUSE-SA:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html SuSE Security Announcement: SUSE-SA:2011:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html SuSE Security Announcement: SUSE-SA:2011:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html SuSE Security Announcement: SUSE-SA:2011:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://www.vupen.com/english/advisories/2010/3321 http://www.vupen.com/english/advisories/2011/0012 http://www.vupen.com/english/advisories/2011/0124 http://www.vupen.com/english/advisories/2011/0168 http://www.vupen.com/english/advisories/2011/0298 http://www.vupen.com/english/advisories/2011/0375 Common Vulnerability Exposure (CVE) ID: CVE-2010-4163 BugTraq ID: 44793 http://www.securityfocus.com/bid/44793 http://openwall.com/lists/oss-security/2010/11/10/18 http://openwall.com/lists/oss-security/2010/11/12/2 http://openwall.com/lists/oss-security/2010/11/29/1 Common Vulnerability Exposure (CVE) ID: CVE-2010-4175 BugTraq ID: 44921 http://www.securityfocus.com/bid/44921 http://marc.info/?l=linux-netdev&m=129001184803080&w=2 http://www.openwall.com/lists/oss-security/2010/11/17/8 http://www.openwall.com/lists/oss-security/2010/11/18/1 XForce ISS Database: kernel-rdscmsgrdmaargs-dos(64618) https://exchange.xforce.ibmcloud.com/vulnerabilities/64618
Copyright	Copyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.