This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security fixes :
- several flaws were found in the way the Linux kernel
CIFS implementation handles Unicode strings. CIFS
clients convert Unicode strings sent by a server to
their local character sets, and then write those strings
into memory. If a malicious server sent a long enough
string, it could write past the end of the target memory
region and corrupt other memory areas, possibly leading
to a denial of service or privilege escalation on the
client mounting the CIFS share. (CVE-2009-1439,
- the Linux kernel Network File System daemon (nfsd)
implementation did not drop the CAP_MKNOD capability
when handling requests from local, unprivileged users.
This flaw could possibly lead to an information leak or
privilege escalation. (CVE-2009-1072, Moderate)
- Frank Filz reported the NFSv4 client was missing a file
permission check for the execute bit in some situations.
This could allow local, unprivileged users to run
non-executable files on NFSv4 mounted file systems.
- a missing check was found in the hypervisor_callback()
function in the Linux kernel provided by the kernel-xen
package. This could cause a denial of service of a
32-bit guest if an application running in that guest
accesses a certain memory location in the kernel.
- a flaw was found in the AGPGART driver. The
agp_generic_alloc_page() and agp_generic_alloc_pages()
functions did not zero out the memory pages they
allocate, which may later be available to user-space
processes. This flaw could possibly lead to an
information leak. (CVE-2009-1192, Low)
Bug fixes :
- a race in the NFS client between destroying cached
access rights and unmounting an NFS file system could
have caused a system crash. 'Busy inodes' messages may
have been logged. (BZ#498653)
- nanosleep() could sleep several milliseconds less than
the specified time on Intel Itanium®
- LEDs for disk drives in AHCI mode may have displayed a
fault state when there were no faults. (BZ#500120)
- ptrace_do_wait() reported tasks were stopped each time
the process doing the trace called wait(), instead of
reporting it once. (BZ#486945)
- epoll_wait() may have caused a system lockup and
problems for applications. (BZ#497322)
- missing capabilities could possibly allow users with an
fsuid other than 0 to perform actions on some file
system types that would otherwise be prevented.
- on NFS mounted file systems, heavy write loads may have
blocked nfs_getattr() for long periods, causing commands
that use stat(2), such as ls, to hang. (BZ#486926)
- in rare circumstances, if an application performed
multiple O_DIRECT reads per virtual memory page and also
performed fork(2), the buffer storing the result of the
I/O may have ended up with invalid data. (BZ#486921)
- when using GFS2, gfs2_quotad may have entered an
uninterpretable sleep state. (BZ#501742)
- with this update, get_random_int() is more random and no
longer uses a common seed value, reducing the
possibility of predicting the values returned.
- the '-fwrapv' flag was added to the gcc build options to
prevent gcc from optimizing away wrapping. (BZ#501751)
- a kernel panic when enabling and disabling iSCSI paths.
- using the Broadcom NetXtreme BCM5704 network device with
the tg3 driver caused high system load and very bad
- '/proc/[pid]/maps' and '/proc/[pid]/smaps' can only be
read by processes able to use the ptrace() call on a
however, certain information from
'/proc/[pid]/stat' and '/proc/[pid]/wchan' could be used
to reconstruct memory maps. (BZ#499546)
The system must be rebooted for this update to take effect.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60599 ()
CVE ID: CVE-2009-1072CVE-2009-1192CVE-2009-1439CVE-2009-1630CVE-2009-1633CVE-2009-1758
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.