This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This kernel update fixes the following security problems :
- CVE-2006-3745: A double userspace copy in a SCTP ioctl
allows local attackers to overflow a buffer in the
kernel, potentially allowing code execution and
privilege escalation. [#199441]
- CVE-2006-4093: Local attackers were able to crash
PowerPC systems with PPC970 processor using a not
correctly disabled privileged instruction ('attn').
- CVE-2006-3468: Remote attackers able to access an NFS of
a ext2 or ext3 filesystem can cause a denial of service
(file system panic) via a crafted UDP packet with a V2
lookup procedure that specifies a bad file handle (inode
number), which triggers an error and causes an exported
directory to be remounted read-only. [#192988]
Additionaly this kernel catches up to the SLE 10 state of the kernel,
with massive additional fixes.
Update the affected kernel packages.
Risk factor :
High / CVSS Base Score : 7.8