Oracle: Security Advisory (ELSA-2011-0320)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)

libcgroup suffered from a heap based buffer overflow CVE-2011-1006. The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events CVE-2011-1022. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)

Two security bugfixes in libcgroup1 were done : libcgroup suffered from a heap based buffer overflow CVE-2011-1006. The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events CVE-2011-1022. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Oracle Linux 6 : libcgroup (ELSA-2011-0320)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0320 advisory. 0.36-6.1 - Fixed buffer overflow when parsing cgexec command line parameters. - Added checking of source of netlink messages to cgrulesengd daemon. -...

Scientific Linux Security Update : libcgroup on SL6.x i386/x86_64

A heap-based buffer overflow flaw was found in the way libcgroup converted a list of user-provided controllers for a particular task into an array of strings. A local attacker could use this flaw to escalate their privileges via a specially crafted list of controllers. CVE-2011-1006 It was...

RedHat Update for libcgroup RHSA-2011:0320-01

Check for the Version of libcgroup OpenVAS Vulnerability Test RedHat Update for libcgroup RHSA-2011:0320-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

RedHat Update for libcgroup RHSA-2011:0320-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for libcgroup FEDORA-2011-2570

Check for the Version of libcgroup OpenVAS Vulnerability Test Fedora Update for libcgroup FEDORA-2011-2570 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Fedora Update for libcgroup FEDORA-2011-2570

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 13 : libcgroup-0.35.1-5.fc13 (2011-2570)

Two security bugs were fixed in this release : - CVE-2011-1006: Heap-based buffer overflow by converting list of controllers for given task into an array of strings - CVE-2011-1022: Unchecked origin of NETLINK messages Note that Tenable Network Security has extracted the preceding description blo...

Debian: Security Advisory (DSA-2193-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)

libcgroup suffered from a heap based buffer overflow CVE-2011-1006. The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events CVE-2011-1022. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Fedora 15 : libcgroup-0.37.1-1.fc15 (2011-2638)

Two security bugs were fixed in this release : - CVE-2011-1006: Heap-based buffer overflow by converting list of controllers for given task into an array of strings - CVE-2011-1022: Unchecked origin of NETLINK messages Note that Tenable Network Security has extracted the preceding description blo...

Fedora 14 : libcgroup-0.36.2-6.fc14 (2011-2631)

Two security bugs were fixed in this release : - CVE-2011-1006: Heap-based buffer overflow by converting list of controllers for given task into an array of strings - CVE-2011-1022: Unchecked origin of NETLINK messages Note that Tenable Network Security has extracted the preceding description blo...

[SECURITY] [DSA 2193-1] libcgroup security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2193-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 16, 2011 http://www.debian.org/security/faq -...

DEBIAN-CVE-2011-1022

The cgrereceivenetlinkmsg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library aka libcgroup or libcg before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted...

CVE-2011-1022

CVE-2011-1022 affects the libcgroup (libcg) cgrulesengd component. It arises from the cgrulesengd.c function cgre_receive_netlink_msg not validating that Netlink messages originate from the kernel, allowing a local attacker to bypass resource restrictions via a crafted Netlink message. Public det...

[SECURITY] [DSA 2193-1] libcgroup security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2193-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 16, 2011 http://www.debian.org/security/faq -...

RHEL 6 : libcgroup (RHSA-2011:0320)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0320 advisory. The libcgroup packages provide tools and libraries to control and monitor control groups. A heap-based buffer overflow flaw was found in the...