Vulnerability Assessment & Network Security Forums
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.
Vulnerability Assessment Details
Check for the version of the kernel package
Detailed Explanation for this Vulnerability Assessment
The remote host is missing the patch for the advisory MDKSA-2006:182 (kernel).
A number of vulnerabilities were discovered and corrected in the Linux
Stephane Eranian discovered an issue with permon2.0 where, under
certain circumstances, the perfmonctl() system call may not correctly
manage the file descriptor reference count, resulting in the system
possibly running out of file structure (CVE-2006-3741).
Prior to and including 2.6.17, the Universal Disk Format (UDF)
filesystem driver permited local users to cause a DoS (hang and crash)
via certain operations involving truncated files (CVE-2006-4145).
Various versions of the Linux kernel permited local users to cause a DoS
(crash) via an SCTP socket with a certain SO_LINGER value, which is
possibly related to the patch used to correct CVE-2006-3745
The Unidirectional Lightweight Encapsulation (ULE) decapsulation
component in the dvb driver permits remote attackers to cause a DoS
(crash) via an SNDU length of 0 in a ULE packet (CVE-2006-4623).
The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels immediately
and reboot to effect the fixes.
In addition to these security fixes, other fixes have been included
- added support for new devices: o NetXtreme BCM5715 gigabit ethernet o
NetXtreme II BCM5708 gigabit ethernet - enabled the CISS driver for Xen
kernels - updated ich8 support in ata_piix - enabled support for 1078
type controller in megaraid_sas - multiple fixes for RSBAC support
To update your kernel, please follow the directions located at:
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:182
Network Security Threat Level: High
Networks Security ID:
Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security
|Intel Core 2 Quad Q8200 2.33 GHz 4MB 1333FSB Quad-Core Processor LGA 775 (SLB5M)
|Brand New AMD A8-5600K 3.6GHz AD560KWOA44HJ Quad Core FM2 Processor
|HP INTEGRITY RX7640 RX8640 4X CPU MOTHERBOARD 48GB RAM AB313-0008A A9849-60301
|Intel 3.70 GHz Core i3-6100 3M Cache Processor (BX80662I36100)
No Discussions have been posted on this vulnerability.