MiracleLinux 3 : kexec-tools-1.102pre-154.0.1.AXS3 (AXSA:2012-274:02)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-274:02 advisory. kexec-tools provides /sbin/kexec binary that facilitates a new kernel to boot using the kernel's kexec feature either on a normal or a panic reboot...

Oracle Linux 6 : kexec-tools (ELSA-2011-1532)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2011-1532 advisory. 2.0.0-209.0.1.el6 - Make sure '--allow-missing' is effective by adding to MKDUMPRDARGS in kdump.sysconfig, kdump.sysconfig.i386, and...

Oracle: Security Advisory (ELSA-2011-1532)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-3588

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...

CVE-2011-3588

CVE-2011-3588 relates to the kexec-tools/ mkdumprd OpenSSH integration where the SSH option StrictHostKeyChecking is disabled in affected Red Hat kdump tooling (kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209). This enables a man-in-the-middle to spoof the kdump server and exfiltrate...

Oracle Linux 5 : kexec-tools (ELSA-2012-0152)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2012-0152 advisory. 1.102pre-154.0.3 - mkdumprd.orig get packed, remove it. 1.102pre-154.0.2 - fix mounting root fs on labeled disk Maxim Uvarov orabug: 13709374...

Scientific Linux Security Update : kexec-tools on SL6.x i386/x86_64

Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH Secure Shell 'StrictHostKeyChecking=no' option when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle...

RedHat Update for kexec-tools RHSA-2011:1532-03

Check for the Version of kexec-tools OpenVAS Vulnerability Test RedHat Update for kexec-tools RHSA-2011:1532-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

RedHat Update for kexec-tools RHSA-2011:1532-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 5 : kexec-tools (RHSA-2012:0152)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:0152 advisory. The kexec-tools package contains the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec...

Linux系统kdump和mkdumprd工具信息泄露漏洞

BUGTRAQ ID: 50416 CVE ID: CVE-2011-3588 Linux是自由电脑操作系统。 Linux系统的kdump和mkdumprd工具在实现上存在远程信息泄露漏洞，远程攻击者可利用此漏洞获取敏感信息 Linux kernel 3.x Linux kernel 2.6.x RedHat Enterprise Linux Workstation 6 RedHat Enterprise Linux Server 6 RedHat Enterprise Linux HPC Node 6 RedHat Enterprise Linux Desktop 6 厂商补丁：...

RHEL 6 : kexec-tools (RHSA-2011:1532)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2011:1532 advisory. Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH Secure Shell...