Description: | Description:
The remote host is missing updates announced in advisory TSLSA-2006-0042.
gnupg < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - SECURITY Fix: A vulnerability has been reported in GnuPG, cause due to an input validation error within parse-packet.c when handling the length of a message packet. This can be exploited to cause gpg to consume large amount of memory or crash via an overly large packet length in a message packet. This can be further exploited to cause an integer overflow which leads to a possible memory corruption that crashes gpg.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2006-3082 to this issue.
kernel < TSL 3.0 > - New upstream. - Upgraded 3ware 9xxx RAID driver, Bug #1823. - SECURITY FIX: A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a race condition in /proc when changing file status. Successful exploitation allows execution of arbitrary code with root privileges.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2006-3626 to this issue.
samba < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - SECURITY Fix: A vulnerability has been reported in Samba, caused due to an error when handling a lot of share connection requests. This can be exploited to cause smbd to exhaust memory resources via a large number of share connections.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2006-3403 to this issue.
Solution: Update your system with the packages as indicated in the referenced security advisory.
https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0042
Risk factor : High
CVSS Score: 6.2
|