The remote host is missing an update to kernel announced via advisory MDVSA-2009:301.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:301
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 188.8.131.52 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddpN device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903) Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547) The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 184.108.40.206 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612) net/unix/af_unix.c in the Linux kernel 220.127.116.11 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621) Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 18.104.22.168 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. (CVE-2009-3638) The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726) Additionaly, it includes the fixes from the stable kernel version 22.214.171.124. It also fixes issues with the bnx2 module in which the machine could become unresponsive. For details, see the package changelog. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate Affected: Enterprise Server 5.0
CVE CVE-2005-4881, CVE-2009-2903, CVE-2009-3547, CVE-2009-3612, CVE-2009-3621, CVE-2009-3638, CVE-2009-3726
CVSS Base Score: 7.8