Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-331-1)

Ubuntu Security Notice (C) 2006-2015 Canonical, Inc. / NASL script (C) 2007-2015 Tenable Network Security, Inc.

Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

A Denial of service vulnerability was reported in iptables' SCTP
conntrack module. On computers which use this iptables module, a
remote attacker could exploit this to trigger a kernel crash.

A buffer overflow has been discovered in the dvd_read_bca() function.
By inserting a specially crafted DVD, USB stick, or similar
automatically mounted removable device, a local user could crash the
machine or potentially even execute arbitrary code with full root
privileges. (CVE-2006-2935)

The ftdi_sio driver for serial USB ports did not limit the amount of
pending data to be written. A local user could exploit this to drain
all available kernel memory and thus render the system unusable.

Additionally, this update fixes a range of bugs.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 27910 ()

Bugtraq ID: 18847

CVE ID: CVE-2006-2934