EUVD-2008-4535

Malware in sbrugna...

curl security and bug fix update

7.61.1-30.el88.2 - sftp: do not specify OAPPEND when not in append mode 2187717 7.61.1-30.el88.1 - fix FTP too eager connection reuse CVE-2023-27535...

Oracle Linux 5 : kernel (ELSA-2008-1017)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-1017 advisory. - drm i915 driver arbitrary ioremap Eugene Teo 464508 464509 CVE-2008-3831 - fs don't allow splice to files opened with OAPPEND Eugene Teo 466709 46671...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

Olaf Kirch reported a flaw in the i915 kernel driver that only affects the Intel G33 series and newer. This flaw could, potentially, lead to local privilege escalation. CVE-2008-3831, Important - Miklos Szeredi reported a missing check for files opened with OAPPEND in the syssplice. This could...

RedHat Update for kernel RHSA-2008:1017-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2008:1017-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...

Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystem...

DSA-1681-1 linux-2.6.24 - several vulnerabilities

Bulletin has no description...

kernel security and bug fix update

2.6.9-78.0.8.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...

Fedora 9 : kernel-2.6.26.6-79.fc9 (2008-8929)

Update kernel from version 2.6.26.5 to 2.6.26.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmiwriteldtentry function in...

Remote file inclusion

The dosplicefrom function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the OAPPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file...

CVE-2008-4554

CVE-2008-4554 affects the Linux kernel in the do_splice_from function (fs/splice.c). Before 2.6.27, it does not reject file descriptors with the O_APPEND flag, allowing a local attacker to bypass append mode and make arbitrary changes to other parts of a file. The vulnerability is tied to the ker...