Scientific Linux Security Update : kernel on SL4.x i386/x86_64

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

These new kernel packages contain fixes for the security issues
described below :

- a flaw in the ISDN CAPI subsystem that allowed a remote
user to cause a denial of service or potential remote
access. Exploitation would require the attacker to be
able to send arbitrary frames over the ISDN network to
the victim's machine. (CVE-2007-1217, Moderate)

- a flaw in the perfmon subsystem on ia64 platforms that
allowed a local user to cause a denial of service.
(CVE-2006-0558, Moderate)

In addition, the following bugs were addressed :

- a panic after reloading of the LSI Fusion driver.

- a vm performance problem was corrected by balancing
inactive page lists.

- added a nodirplus option to address NFSv3 performance
issues with large directories.

- changed the personality handling to disallow personality
changes of setuid and setgid binaries. This ensures they
keep any randomization and Exec-shield protection.

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.9

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 60246 ()

Bugtraq ID:

CVE ID: CVE-2006-0558

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now