Ubuntu 8.04 LTS : linux vulnerabilities (USN-1390-1)

Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.

Synopsis :

The remote Ubuntu host is missing one or more security-related

Description :

Dan Rosenberg reported errors in the OSS (Open Sound System) MIDI
interface. A local attacker on non-x86 systems might be able to cause
a denial of service. (CVE-2011-1476)

Dan Rosenberg reported errors in the kernel's OSS (Open Sound System)
driver for Yamaha FM synthesizer chips. A local user can exploit this
to cause memory corruption, causing a denial of service or privilege
escalation. (CVE-2011-1477)

Ben Hutchings reported a flaw in the kernel's handling of corrupt LDM
partitions. A local user could exploit this to cause a denial of
service or escalate privileges. (CVE-2011-2182)

A flaw was discovered in the Linux kernel's NFSv4 (Network File System
version 4) file system. A local, unprivileged user could use this flaw
to cause a denial of service by creating a file in a NFSv4 filesystem.

A flaw was found in how the linux kernel handles user-space held
futexs. An unprivileged user could exploit this flaw to cause a denial
of service or possibly elevate privileges. (CVE-2012-0028).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.3
Public Exploit Available : true

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 58271 ()

Bugtraq ID: 47007

CVE ID: CVE-2011-1476

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now