Test Kennung:	1.3.6.1.4.1.25623.1.0.840704
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for linux USN-1168-1
Zusammenfassung:	Ubuntu Update for Linux kernel vulnerabilities USN-1168-1
Beschreibung:	Summary: Ubuntu Update for Linux kernel vulnerabilities USN-1168-1 Vulnerability Insight: Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. (CVE-2011-1017) Neil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. (CVE-2011-1090) Timo Warns discovered that OSF partition parsing routines did not correctly clear memory. A local attacker with physical access could plug in a specially crafted block device to read kernel memory, leading to a loss of privacy. (CVE-2011-1163) Dan Rosenberg discovered that MPT devices did not correctly validate certain values in ioctl calls. If these drivers were loaded, a local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2011-1494, CVE-2011-1495) Tavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1593) Oliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1598, CVE-2011-1748) Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl values. A local attacker with access to the video subsystem could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-1745, CVE-2011-2022) Vasiliy Kulikov discovered that the AGP driver did not check the size of certain memory allocations. A local attacker with access to the video subsystem could exploit this to run the system out of memory, leading to a denial of service. (CVE-2011-1746, CVE-2011-1747) Dan Rosenberg discovered that the DCCP stack did not correctly handle certain packet structures. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1770) Affected Software/OS: linux on Ubuntu 10.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1017 BugTraq ID: 46512 http://www.securityfocus.com/bid/46512 Bugtraq: 20110223 [PRE-SA-2011-01] Multiple Linux kernel vulnerabilities in partition handling code of LDM and MAC partition tables (Google Search) http://www.securityfocus.com/archive/1/516615/100/0/threaded http://www.pre-cert.de/advisories/PRE-SA-2011-01.txt http://openwall.com/lists/oss-security/2011/02/23/16 http://openwall.com/lists/oss-security/2011/02/24/4 http://openwall.com/lists/oss-security/2011/02/24/14 http://securitytracker.com/id?1025128 http://secunia.com/advisories/43716 http://secunia.com/advisories/43738 http://securityreason.com/securityalert/8115 http://www.ubuntu.com/usn/USN-1146-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-1090 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://www.securityfocus.com/archive/1/520102/100/0/threaded http://openwall.com/lists/oss-security/2011/03/07/2 http://openwall.com/lists/oss-security/2011/03/07/12 http://securitytracker.com/id?1025336 http://secunia.com/advisories/46397 SuSE Security Announcement: SUSE-SU-2015:0812 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html Common Vulnerability Exposure (CVE) ID: CVE-2011-1163 BugTraq ID: 46878 http://www.securityfocus.com/bid/46878 Bugtraq: 20110317 [PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel (Google Search) http://www.securityfocus.com/archive/1/517050 http://www.pre-cert.de/advisories/PRE-SA-2011-02.txt http://www.spinics.net/lists/mm-commits/msg82737.html http://openwall.com/lists/oss-security/2011/03/15/9 http://openwall.com/lists/oss-security/2011/03/15/14 RedHat Security Advisories: RHSA-2011:0833 http://rhn.redhat.com/errata/RHSA-2011-0833.html http://securitytracker.com/id?1025225 http://securityreason.com/securityalert/8189 Common Vulnerability Exposure (CVE) ID: CVE-2011-1494 BugTraq ID: 47185 http://www.securityfocus.com/bid/47185 http://lkml.org/lkml/2011/4/5/327 http://openwall.com/lists/oss-security/2011/04/05/32 http://openwall.com/lists/oss-security/2011/04/06/2 Common Vulnerability Exposure (CVE) ID: CVE-2011-1495 Common Vulnerability Exposure (CVE) ID: CVE-2011-1593 BugTraq ID: 47497 http://www.securityfocus.com/bid/47497 http://groups.google.com/group/fa.linux.kernel/msg/4a28ecb7f755a88d?dmode=source http://openwall.com/lists/oss-security/2011/04/19/1 http://openwall.com/lists/oss-security/2011/04/20/1 RedHat Security Advisories: RHSA-2011:0927 http://rhn.redhat.com/errata/RHSA-2011-0927.html http://securitytracker.com/id?1025420 http://secunia.com/advisories/44164 XForce ISS Database: kernel-nextpidmap-dos(66876) https://exchange.xforce.ibmcloud.com/vulnerabilities/66876 Common Vulnerability Exposure (CVE) ID: CVE-2011-1598 BugTraq ID: 47503 http://www.securityfocus.com/bid/47503 http://permalink.gmane.org/gmane.linux.network/192898 http://openwall.com/lists/oss-security/2011/04/20/2 http://openwall.com/lists/oss-security/2011/04/20/6 http://openwall.com/lists/oss-security/2011/04/20/7 http://openwall.com/lists/oss-security/2011/04/21/1 http://openwall.com/lists/oss-security/2011/04/21/2 http://openwall.com/lists/oss-security/2011/04/21/7 http://openwall.com/lists/oss-security/2011/04/22/2 http://openwall.com/lists/oss-security/2011/04/25/4 Common Vulnerability Exposure (CVE) ID: CVE-2011-1748 BugTraq ID: 47835 http://www.securityfocus.com/bid/47835 http://permalink.gmane.org/gmane.linux.network/192974 Common Vulnerability Exposure (CVE) ID: CVE-2011-1745 BugTraq ID: 47534 http://www.securityfocus.com/bid/47534 https://lkml.org/lkml/2011/4/14/293 http://openwall.com/lists/oss-security/2011/04/21/4 http://openwall.com/lists/oss-security/2011/04/22/7 Common Vulnerability Exposure (CVE) ID: CVE-2011-2022 BugTraq ID: 47843 http://www.securityfocus.com/bid/47843 Common Vulnerability Exposure (CVE) ID: CVE-2011-1746 BugTraq ID: 47535 http://www.securityfocus.com/bid/47535 https://lkml.org/lkml/2011/4/14/294 https://lkml.org/lkml/2011/4/19/400 Common Vulnerability Exposure (CVE) ID: CVE-2011-1747 BugTraq ID: 47832 http://www.securityfocus.com/bid/47832 http://openwall.com/lists/oss-security/2011/04/22/10 http://openwall.com/lists/oss-security/2011/04/22/11 http://openwall.com/lists/oss-security/2011/04/22/8 http://openwall.com/lists/oss-security/2011/04/22/9 http://securitytracker.com/id?1025441 Common Vulnerability Exposure (CVE) ID: CVE-2011-1770 BugTraq ID: 47769 http://www.securityfocus.com/bid/47769 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061236.html http://marc.info/?l=linux-kernel&m=130469305815140&w=2 http://marc.info/?l=linux-kernel&m=130468845209036&w=2 http://www.securitytracker.com/id?1025592 http://secunia.com/advisories/44932 http://securityreason.com/securityalert/8286
Copyright	Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.