This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe
regression introduced by previous bugfix updates that would corrupt
NFSv4 mounted data.
The update also fixes several other bugs and following security
- drivers/net/r8169.c in the r8169 driver of Linux kernel
188.8.131.52 and earlier does not properly check the size of
an Ethernet frame that exceeds the maximum transmission
unit (MTU), which allows remote attackers to.
1. cause a denial of service (temporary network outage)
via a packet with a crafted size, in conjunction with
certain packets containing A characters and certain
packets containing E characters; or 2. cause a denial of
service (system crash) via a packet with a crafted size,
in conjunction with certain packets containing '0'
characters, related to the value of the status register
and erroneous behavior associated with the RxMaxSize
- An information leak in 32bit emulation on x86_64
machines could disclose sensitive information to local
See also :
Apply ZYPP patch number 7059.
Risk factor :
High / CVSS Base Score : 7.8