This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update fixes a several security issues and various bugs in the
SUSE Linux Enterprise 10 SP 2 kernel.
The following security issues were fixed :
- Two sysfs filers in the qla2xxx driver were
worldwriteable, so users could change SCSI attributes of
the qla2xxx driver. CVE-2009-4536:
drivers/net/e1000/e1000_main.c in the e1000 driver in
the Linux kernel handles Ethernet frames that exceed the
MTU by processing certain trailing payload data as if it
were a complete frame, which allows remote attackers to
bypass packet filters via a large packet with a crafted
(The e1000e driver is not included in the SLES 10 SP2 kernel, so
CVE-2009-4538 does not affect this kernel.)
See also :
Apply ZYPP patch number 6810.
Risk factor :
Critical / CVSS Base Score : 10.0