Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:18987
HistoryJan 23, 2010 - 12:00 a.m.

Red Hat Linux内核'qla2xxx'驱动安全绕过漏洞

2010-01-2300:00:00
Root
www.seebug.org
12

0.0004 Low

EPSS

Percentile

5.7%

JSON

Bugraq ID: 37876
CVE ID:CVE-2009-3556

Red Hat是一款流行的Linux发行版本。
qla2xxx驱动支持N_Port ID Virtualization (NPIV),它增加了两个新的sysfs pseudo文件:"/sys/class/scsi_host/[a qla2xxx host]/vport_create"和"vport_delete",这两个文件默认全局可写,允许本地用户更改SCSI主机属性。
此漏洞仅影响使用qla2xxx驱动和NPIV硬件。

RedHat Enterprise Linux EUS 5.4.z server
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux 5 server
厂商解决方案
用户可参考如下供应商提供的安全补丁:
https://bugzilla.redhat.com/show_bug.cgi?id=537177

Related

seebug 1
veracode 1
prion 1
cve 1
ubuntucve 1
suse 2
nessus 9
redhat 2
openvas 7
centos 1
oraclelinux 2
vmware 2
seebug
seebug
Red Hat Linux Kernel qla2xxx驱动完全可写文件漏洞
2010-01-26 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:39:24
prion
prion
Code injection
2010-01-27 17:30:00
cve
cve
CVE-2009-3556
2010-01-27 17:30:00
ubuntucve
ubuntucve
CVE-2009-3556
2010-01-27 00:00:00
suse
suse
kernel remote denial of service in kernel
2010-02-05 10:01:11
remote denial of service in kernel
2010-03-30 11:45:05
nessus
nessus
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6806)
2010-02-05 00:00:00
SuSE 10 Security Update : Linux kernel (x86_64) (ZYPP Patch Number 6929)
2012-05-17 00:00:00
SuSE 10 Security Update : Linux kernel (x86) (ZYPP Patch Number 6925)
2010-10-11 00:00:00
redhat
redhat
(RHSA-2010:0046) Important: kernel security and bug fix update
2010-01-19 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2010:0046 centos5 i386
2011-08-09 00:00:00
RedHat Update for kernel RHSA-2010:0046-01
2010-01-20 00:00:00
CentOS Update for kernel CESA-2010:0046 centos5 i386
2011-08-09 00:00:00
centos
centos
kernel security update
2010-01-20 18:10:39
oraclelinux
oraclelinux
kernel security and bug fix update
2010-01-20 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for SSV:18987
seebug1veracode1prion1cve1ubuntucve1suse2nessus9redhat2openvas7centos1oraclelinux2vmware2