Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.105481
Categoría:F5 Local Security Checks
Título:F5 BIG-IP - Linux kernel vulnerability CVE-2015-7613
Resumen:The remote host is missing a security patch.
Descripción:Summary:
The remote host is missing a security patch.

Vulnerability Insight:
Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

Vulnerability Impact:
Exploitation of this issue requires shell access, and a non-standard and unsupported configuration (such as modifications to Linux configuration files) may expose this issue further. F5 does not recommend manually editing Linux configuration files. There is no remote access vector or data plane exposure.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-7613
BugTraq ID: 76977
http://www.securityfocus.com/bid/76977
Debian Security Information: DSA-3372 (Google Search)
http://www.debian.org/security/2015/dsa-3372
http://www.openwall.com/lists/oss-security/2015/10/01/8
RedHat Security Advisories: RHSA-2015:2636
http://rhn.redhat.com/errata/RHSA-2015-2636.html
http://www.securitytracker.com/id/1034094
http://www.securitytracker.com/id/1034592
SuSE Security Announcement: SUSE-SU-2015:1727 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html
SuSE Security Announcement: SUSE-SU-2015:2084 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:2085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html
SuSE Security Announcement: SUSE-SU-2015:2086 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html
SuSE Security Announcement: SUSE-SU-2015:2087 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html
SuSE Security Announcement: SUSE-SU-2015:2089 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html
SuSE Security Announcement: SUSE-SU-2015:2090 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html
SuSE Security Announcement: SUSE-SU-2015:2091 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html
http://www.ubuntu.com/usn/USN-2761-1
http://www.ubuntu.com/usn/USN-2762-1
http://www.ubuntu.com/usn/USN-2763-1
http://www.ubuntu.com/usn/USN-2764-1
http://www.ubuntu.com/usn/USN-2765-1
http://www.ubuntu.com/usn/USN-2792-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.