Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2006:182: kernel Vulnerability Scan


Vulnerability Scan Summary
Check for the version of the kernel package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2006:182 (kernel).

A number of vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
Stephane Eranian discovered an issue with permon2.0 where, under
certain circumstances, the perfmonctl() system call may not correctly
manage the file descriptor reference count, resulting in the system
possibly running out of file structure (CVE-2006-3741).
Prior to and including 2.6.17, the Universal Disk Format (UDF)
filesystem driver allowed local users to cause a DoS (hang and crash)
via certain operations involving truncated files (CVE-2006-4145).
Various versions of the Linux kernel allowed local users to cause a DoS
(crash) via an SCTP socket with a certain SO_LINGER value, which is
possibly related to the patch used to correct CVE-2006-3745
(CVE-2006-4535).
The Unidirectional Lightweight Encapsulation (ULE) decapsulation
component in the dvb driver allows remote attackers to cause a DoS
(crash) via an SNDU length of 0 in a ULE packet (CVE-2006-4623).
The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels immediately
and reboot to effect the fixes.
In addition to these security fixes, other fixes have been included
such as:
- added support for new devices: o NetXtreme BCM5715 gigabit ethernet o
NetXtreme II BCM5708 gigabit ethernet - enabled the CISS driver for Xen
kernels - updated ich8 support in ata_piix - enabled support for 1078
type controller in megaraid_sas - multiple fixes for RSBAC support
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate

Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:182
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.