|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2004:029: kernel Vulnerability Assessment Details
|
MDKSA-2004:029: kernel |
||
Check for the version of the kernel package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2004:029 (kernel). A vulnerability was found in the R128 DRI driver by Alan Cox. This could permit local privilege escalation. The previous fix, in MDKSA-2004:015 only partially corrected the problem the full fix is included (CVE-2004-0003). A local root vulnerability was discovered in the isofs component of the Linux kernel by iDefense. This vulnerability can be triggered by performing a directory listing on a maliciously constructed ISO filesystem, or attempting to access a file via a malformed symlink on such a filesystem (CVE-2004-0109). An information leak was discovered in the ext3 filesystem code by Solar Designer. It was discovered that when creating or writing to an ext3 filesystem, some amount of other in-memory data gets written to the device. The data is not the file's contents, not something on the same filesystem, or even anything that was previously in a file at all. To obtain this data, a user needs to read the raw device (CVE-2004-0177). The same vulnerability was also found in the XFS filesystem code (CVE-2004-0133) and the JFS filesystem code (CVE-2004-0181). Finally, a vulnerability in the OSS code for SoundBlaster 16 devices was discovered by Andreas Kies. It is possible for local users with access to the sound system to crash the machine (CVE-2004-0178). The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at: http://www.mandrakesecure.net/en/kernelupdate.php Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:029 Network Security Threat Level: High Networks Security ID: 10152, 9570 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 96GB | 8x 1.8TB Dell SAS
$2749.99
DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45
$274.00
Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD
$389.99
Dell PowerEdge R730, 2 sinks, SystemBoard, 8 trays,H330,Idrac 8 exp, 2x750w Psu
$135.00
Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB
$510.00
Dell PowerEdge R620 Server 2x E5-2660 v1 2.2GHz 16 Cores 256GB RAM 1x 300GB HDD
$89.99
Dell PowerEdge R720 Server - 2x8c CPU,256Gb RAM, 128Gb SSD/3x600Gb SAS, Proxmox
$340.00
DELL PowerEdge R730 16SFF Server 2x E5-2690v4 =28 Cores No RAM/ HDD H730 4xRJ45
$232.97
DELL PowerEdge R730 Server 2x E5-2680v4 2.4GHz =28 Cores 32GB H730 4xRJ45
$284.00
DELL PowerEdge R630 8SFF Server 2x E5-2680v3 2.5GHz =24 Cores 32GB H730 4xRJ45
$240.00
|
||
No Discussions have been posted on this vulnerability. |