Oval Definition:oval:org.mitre.oval:def:9670
Revision Date:2013-04-29Version:12
Title:The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.
Description:The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing despite sec=ntlmv2i in a SetupAndX request.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-3843
Platform(s):CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • kernel-xenU is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-hugemem is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-hugemem-devel is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-xenU-devel is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-smp-devel is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-largesmp-devel is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-devel is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-doc is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-largesmp is earlier than 0:2.6.9-55.0.12.EL
  • OR kernel-smp is earlier than 0:2.6.9-55.0.12.EL
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • kernel-kdump is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-xen is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-headers is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-kdump-devel is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-xen-devel is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-PAE-devel is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-devel is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-PAE is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-doc is earlier than 0:2.6.18-8.1.10.el5
  • OR kernel-debuginfo-common is earlier than 0:2.6.18-8.1.10.el5
    • BACK