|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2003:074: kernel Vulnerability Assessment Details
|
MDKSA-2003:074: kernel |
||
Check for the version of the kernel package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2003:074 (kernel). Multiple vulnerabilities were discovered and fixed in the Linux kernel. * CVE-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which permits remote attackers to obtain information from previous packets or kernel memory by using special malformed packets. * CVE-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module permits remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain. * CVE-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict rights, which permits local users to gain read or write access to certain I/O ports. * CVE-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel permits attackers to cause a kernel oops resulting in a DoS. * CVE-2003-0248: The mxcsr code in the 2.4 kernel permits attackers to modify CPU state registers via a malformed address. * CVE-2003-0462: A file read race existed in the execve() system call. Kernels for 9.1/x86 are also available (see MDKSA-2003:066). MandrakeSoft encourages all users to upgrade to these new kernels. For full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:074 Network Security Threat Level: High Networks Security ID: 7791, 8042 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
DEC DIGITAL Equipment Corp VT220-D2 Vintage CRT Terminal
$215.00
DEC PDP 8/M PDP 8M / 4 avail / Vintage Digital Equipment Corp /Also DEC PDP 12
$5775.00
Digital Equipment Corporation DEC-2000 Vintage Keyboard - NOS NEW in Plastic
$129.95
Rare Vintage DEC DIGITAL DFO3 modem with manual Powers up but UNTESTED
$69.95
Vintage DEC Digital RX 180 AB Dual 5.25" Disk Drive
$149.00
Vintage Digital DEC dfo1 Acoustic Coupler modem Anderson Jacobsen Mod# A242 RARE
$195.95
Vintage DEC/CLEARPOINT INC. -QRAM-2 SAB-1 1MB Q-BUS MEMORY MSV11-QA (B2)
$129.99
Vintage DEC Digital HiNote VP TS30G Laptop AS-IS READ Tested with external mon
$80.00
VINTAGE DEC Digital RK11-D DISK CONTROL M7255 PDP 11 (B1)
$129.99
Vintage DEC/The Redac mini cabinet front panel Digital Equipment Corp. 19"
$269.99
|
||
No Discussions have been posted on this vulnerability. |