Ubuntu 12.04 LTS : linux vulnerabilities (USN-1833-1)

Ubuntu Security Notice (C) 2013-2016 Canonical, Inc. / NASL script (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

Andy Lutomirski discover an error in the Linux kernel's credential
handling on unix sockets. A local user could exploit this flaw to gain
administrative privileges. (CVE-2013-1979)

A buffer overflow vulnerability was discovered in the Broadcom tg3
ethernet driver for the Linux kernel. A local user could exploit this
flaw to cause a denial of service (crash the system) or potentially
escalate privileges on the system. (CVE-2013-1929)

A flaw was discovered in the Linux kernel's ftrace subsystem
interface. A local user could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-3301).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 66587 ()

Bugtraq ID: 58908
59055
59538

CVE ID: CVE-2013-1929
CVE-2013-1979
CVE-2013-3301

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial