{"osvdb": [{"lastseen": "2017-04-28T13:19:59", "references": [], "edition": 1, "description": "## Vulnerability Description\nLinux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the Linux kernel function \"set_fpxregs\" doesn't consider the \"__copy_from_user\" failed condition. This could cause the contents of the MXCSR register to be corrupted, and potentially cause a reserved bit within the register to be unexpectedly set, resulting in loss of availability for the platform.\n## Technical Description\nFrom the vulnerable source code in the kernel:\n\n475 int set_fpxregs( struct task_struct *tsk, struct user_fxsr_struct *buf )\n476 {\n477 if ( cpu_has_fxsr ) {\n478 __copy_from_user( &tsk->thread.i387.fxsave, (void *)buf,\n479 sizeof(struct user_fxsr_struct) );\n480 /* mxcsr bit 6 and 31-16 must be zero for security reasons */\n481 tsk->thread.i387.fxsave.mxcsr &= 0xffbf;\n482 return 0;\n483 } else {\n484 return -EIO;\n485 }\n486 }\n\nIf the __copy_from_user in line 478 fails, it will jump over line 481. This could leave a sizeable amount of garbage in the MXCSR register and trigger a general protection fault within the kernel.\n## Solution Description\nUpgrade the linux kernel to version 2.4.23 or higher, as it has been reported to fix this vulnerability. This can be done through various Linux vendor patches or manually installing a newer kernel. An upgrade is required as there are no known workarounds.\n## Short Description\nLinux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the Linux kernel function \"set_fpxregs\" doesn't consider the \"__copy_from_user\" failed condition. This could cause the contents of the MXCSR register to be corrupted, and potentially cause a reserved bit within the register to be unexpectedly set, resulting in loss of availability for the platform.\n## References:\n[Vendor Specific Advisory URL](http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000701)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-332)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-336)\n[Vendor Specific Advisory URL](https://rhn.redhat.com/errata/RHSA-2003-187.html)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-311)\n[Vendor Specific Advisory URL](http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/MSS-OAR-E01-2003.0946.1)\n[Vendor Specific Advisory URL](http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000796)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-312)\n[Vendor Specific Advisory URL](https://rhn.redhat.com/errata/RHSA-2003-195.html)\n[Vendor Specific Advisory URL](http://cc.turbolinux.com/security/TLSA-2003-41.txt)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2004/dsa-442)\nOther Advisory URL: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:066-2\nISS X-Force ID: 12159\n[CVE-2003-0248](https://vulners.com/cve/CVE-2003-0248)\nBugtraq ID: 7793\n", "reporter": "Andrea Arcangeli(andrea@e-mind.com)", "published": "2003-06-03T00:00:00", "type": "osvdb", "title": "Linux Kernel mxcsr CPU State Register Modification", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Kernel", "version": "2.4.20", "operator": "eq"}, {"name": "Kernel", "version": "2.4.1", "operator": "eq"}, {"name": "Kernel", "version": "2.4.18", "operator": "eq"}, {"name": "Kernel", "version": "2.4.10", "operator": "eq"}, {"name": "Kernel", "version": "2.4.21", "operator": "eq"}, {"name": "Kernel", "version": "2.4.13", "operator": "eq"}, {"name": "Kernel", "version": "2.4.3", "operator": "eq"}, {"name": "Kernel", "version": "2.4.15", "operator": "eq"}, {"name": "Kernel", "version": "2.4.17", "operator": "eq"}, {"name": "Kernel", "version": "2.4.0", "operator": "eq"}, {"name": "Kernel", "version": "2.4.8", "operator": "eq"}, {"name": "Kernel", "version": "2.4.12", "operator": "eq"}, {"name": "Kernel", "version": "2.4.2", "operator": "eq"}, {"name": "Kernel", "version": "2.4.16", "operator": "eq"}, {"name": "Kernel", "version": "2.4.5", "operator": "eq"}, {"name": "Kernel", "version": "2.0.22", "operator": "eq"}, {"name": "Kernel", "version": "2.4.19", "operator": "eq"}, {"name": "Kernel", "version": "2.4.9", "operator": "eq"}, {"name": "Kernel", "version": "2.4.4", "operator": "eq"}, {"name": "Kernel", "version": "2.4.14", "operator": "eq"}, {"name": "Kernel", "version": "2.4.6", "operator": "eq"}, {"name": "Kernel", "version": "2.4.11", "operator": "eq"}, {"name": "Kernel", "version": "2.4.7", "operator": "eq"}, {"name": "Kernel", "version": "2.2.18", "operator": "eq"}], "cvelist": ["CVE-2003-0248"], "modified": "2003-06-03T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4456", "id": "OSVDB:4456", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:07", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n________________________________________________________________________\r\n\r\n Mandrake Linux Security Update Advisory\r\n________________________________________________________________________\r\n\r\nPackage name: kernel\r\nAdvisory ID: MDKSA-2003:066\r\nDate: June 11th, 2003\r\n\r\nAffected versions: 9.1\r\n________________________________________________________________________\r\n\r\nProblem Description:\r\n\r\n Multiple vulnerabilities were discovered and fixed in the Linux kernel.\r\n \r\n * CAN-2003-0001: Multiple ethernet network card drivers do not pad\r\n frames with null bytes which allows remote attackers to obtain\r\n information from previous packets or kernel memory by using\r\n special malformed packets.\r\n \r\n * CAN-2003-0244: The route cache implementation in the 2.4 kernel and\r\n the Netfilter IP conntrack module allows remote attackers to cause a\r\n Denial of Service (DoS) via CPU consumption due to packets with\r\n forged source addresses that cause a large number of hash table\r\n collisions related to the PREROUTING chain.\r\n \r\n * CAN-2003-0246: The ioperm implementation in 2.4.20 and earlier\r\n kernels does not properly restrict privileges, which allows local\r\n users to gain read or write access to certain I/O ports.\r\n \r\n * CAN-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel\r\n allows attackers to cause a kernel oops resulting in a DoS.\r\n \r\n * CAN-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to\r\n modify CPU state registers via a malformed address.\r\n \r\n As well, a number of bug fixes were made in the 9.1 kernel including:\r\n \r\n * Support for more machines that did not work with APIC\r\n * Audigy2 support\r\n * New/updated modules: prims25, adiusbadsl, thinkpad, ieee1394,\r\n orinoco, via-rhine, \r\n * Fixed SiS IOAPIC\r\n * IRQ balancing has been fixed for SMP\r\n * Updates to ext3\r\n * The previous ptrace fix has been redone to work better\r\n \r\n MandrakeSoft encourages all users to upgrade to these new kernels.\r\n Updated kernels will be available shortly for other supported platforms\r\n and architectures.\r\n________________________________________________________________________\r\n\r\nReferences:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248\r\n________________________________________________________________________\r\n\r\nUpdated Packages:\r\n \r\n Mandrake Linux 9.1:\r\n bca5bada0476e53911f157e9ec5ca504 9.1/RPMS/kernel-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 57ee4b2b038598cbd020f1e0752a61dd 9.1/RPMS/kernel-BOOT-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n b14c3291fab83bd1894c8b5217311dfa 9.1/RPMS/kernel-doc-2.4.21-0.18mdk.i586.rpm\r\n ed766922171751e1f05c6ce590af9755 9.1/RPMS/kernel-enterprise-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 64c554564115626ff86cf3fd5e40ece1 9.1/RPMS/kernel-secure-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 944017f71e79714767d94517cd41110d 9.1/RPMS/kernel-smp-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 9621bebecb94bc6031ffaa073c4967f1 9.1/RPMS/kernel-source-2.4.21-0.18mdk.i586.rpm\r\n 9d0c651808a2874256489f3a90ad6fdb 9.1/SRPMS/kernel-2.4.21.0.18mdk-1-1mdk.src.rpm\r\n________________________________________________________________________\r\n\r\nBug IDs fixed (see https://qa.mandrakesoft.com for more information):\r\n________________________________________________________________________\r\n\r\nTo upgrade automatically, use MandrakeUpdate. The verification of md5\r\nchecksums and GPG signatures is performed automatically for you.\r\n\r\nIf you want to upgrade manually, download the updated package from one\r\nof our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of\r\nFTP mirrors can be obtained from:\r\n\r\n http://www.mandrakesecure.net/en/ftp.php\r\n\r\nPlease verify the update prior to upgrading to ensure the integrity of\r\nthe downloaded package. You can do this with the command:\r\n\r\n rpm --checksig <filename>\r\n\r\nAll packages are signed by MandrakeSoft for security. You can obtain\r\nthe GPG public key of the Mandrake Linux Security Team from:\r\n\r\n https://www.mandrakesecure.net/RPM-GPG-KEYS\r\n\r\nPlease be aware that sometimes it takes the mirrors a few hours to\r\nupdate.\r\n\r\nYou can view other update advisories for Mandrake Linux at:\r\n\r\n http://www.mandrakesecure.net/en/advisories/\r\n\r\nMandrakeSoft has several security-related mailing list services that\r\nanyone can subscribe to. Information on these lists can be obtained by\r\nvisiting:\r\n\r\n http://www.mandrakesecure.net/en/mlist.php\r\n\r\nIf you want to report vulnerabilities, please contact\r\n\r\n security_linux-mandrake.com\r\n\r\nType Bits/KeyID Date User ID\r\npub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team\r\n <security linux-mandrake.com>\r\n\r\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\nmQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday\r\nL4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7\r\nWKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo\r\nP0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl\r\nhynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx\r\nPFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg\r\n2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs\r\niyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD\r\nLLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu\r\nZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t\r\nPohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy\r\n/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA\r\nBgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP\r\nWdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w\r\nPk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA\r\nBgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H\r\n8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K\r\n+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy\r\nYWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j\r\nb20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+\r\nAJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E\r\nOWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ\r\n9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR\r\nxBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z\r\n269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN\r\n6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ\r\njTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo\r\n0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ\r\nEJGXlA==\r\n=yGlX\r\n- -----END PGP PUBLIC KEY BLOCK-----\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\niD8DBQE+56V+mqjQ0CJFipgRAu0bAJsElc3QmEl4WBRhUO7PNwit3HAjrwCfSClk\r\n972cH4+NoFhTz+l8rQg1o88=\r\n=rOjs\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2003-06-21T00:00:00", "title": "MDKSA-2003:066 - Updated kernel packages fix multiple vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:07", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-21T00:00:00", "id": "SECURITYVULNS:DOC:4715", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:4715", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:44:35", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.4.9-e.25.i686.rpm", "operator": "lt"}], "description": "The Linux kernel handles the basic functions of the operating system. \n\nSeveral security issues have been found that affect the Linux kernel:\n\nAl Viro found a security issue in the tty layer whereby any user could\ncause a kernel oops. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2003-0247 to this issue.\n\nAndrea Arcangeli found an issue in the low-level mxcsr code in which a\nmalformed address would leave garbage in cpu state registers. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CAN-2003-0248 to this issue.\n\nThe TCP/IP fragment reassembly handling allows remote attackers to cause a\ndenial of service (CPU consumption) via packets that cause a large number\nof hash table collisions, a vulnerability similar to CAN-2003-0244. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2003-0364 to this issue.\n\nThese kernels also contain updated fixes for the ioperm security issue, as\nwell as fixes for a number of bugs.\n\nIt is recommended that users upgrade to these erratum kernels, which\ncontain patches to correct these vulnerabilities.", "reporter": "RedHat", "published": "2003-06-19T04:00:00", "type": "redhat", "title": "(RHSA-2003:195) kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0244", "CVE-2003-0247", "CVE-2003-0248", "CVE-2003-0364"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-14T19:27:11", "id": "RHSA-2003:195", "href": "https://access.redhat.com/errata/RHSA-2003:195", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-11-16T04:52:25", "references": ["https://access.redhat.com/security/cve/cve-2001-1572", "https://access.redhat.com/security/cve/cve-2003-0247", "https://access.redhat.com/errata/RHSA-2003:195", "https://access.redhat.com/security/cve/cve-2003-0364", "https://access.redhat.com/security/cve/cve-2003-0248"], "pluginID": "12401", "description": "Updated kernel packages for Red Hat Enterprise Linux are now available which address several security vulnerabilities.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nSeveral security issues have been found that affect the Linux kernel :\n\nAl Viro found a security issue in the tty layer whereby any user could cause a kernel oops. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0247 to this issue.\n\nAndrea Arcangeli found an issue in the low-level mxcsr code in which a malformed address would leave garbage in cpu state registers. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0248 to this issue.\n\nThe TCP/IP fragment reassembly handling allows remote attackers to cause a denial of service (CPU consumption) via packets that cause a large number of hash table collisions, a vulnerability similar to CVE-2003-0244. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0364 to this issue.\n\nThese kernels also contain updated fixes for the ioperm security issue, as well as fixes for a number of bugs.\n\nIt is recommended that users upgrade to these erratum kernels, which contain patches to correct these vulnerabilities.", "edition": 8, "reporter": "Tenable", "published": "2004-07-06T00:00:00", "title": "RHEL 2.1 : kernel (RHSA-2003:195)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0364", "CVE-2001-1572"], "modified": "2018-11-15T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-BOOT", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-summit", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-enterprise"], "id": "REDHAT-RHSA-2003-195.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=12401", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2003:195. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(12401);\n script_version (\"1.27\");\n script_cvs_date(\"Date: 2018/11/15 11:40:29\");\n\n script_cve_id(\"CVE-2001-1572\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(7791, 7797);\n script_xref(name:\"RHSA\", value:\"2003:195\");\n\n script_name(english:\"RHEL 2.1 : kernel (RHSA-2003:195)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages for Red Hat Enterprise Linux are now available\nwhich address several security vulnerabilities.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nSeveral security issues have been found that affect the Linux kernel :\n\nAl Viro found a security issue in the tty layer whereby any user could\ncause a kernel oops. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0247 to this issue.\n\nAndrea Arcangeli found an issue in the low-level mxcsr code in which a\nmalformed address would leave garbage in cpu state registers. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2003-0248 to this issue.\n\nThe TCP/IP fragment reassembly handling allows remote attackers to\ncause a denial of service (CPU consumption) via packets that cause a\nlarge number of hash table collisions, a vulnerability similar to\nCVE-2003-0244. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0364 to this issue.\n\nThese kernels also contain updated fixes for the ioperm security\nissue, as well as fixes for a number of bugs.\n\nIt is recommended that users upgrade to these erratum kernels, which\ncontain patches to correct these vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2001-1572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2003:195\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-enterprise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-summit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2003:195\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-debug-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-enterprise-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-headers-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-smp-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-source-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-summit-2.4.9-e.25\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-debug / kernel-doc / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-17T02:54:06", "references": ["https://marc.info/?l=bugtraq&m=105664924024009&w=2"], "pluginID": "14049", "description": "Multiple vulnerabilities were discovered and fixed in the Linux kernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which allows remote attackers to obtain information from previous packets or kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module allows remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel allows attackers to cause a kernel oops resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to modify CPU state registers via a malformed address.\n\n - CVE-2003-0462: A file read race existed in the execve() system call.\n\nAs well, a number of bug fixes were made in the 9.1 kernel including :\n\n - Support for more machines that did not work with APIC\n\n - Audigy2 support\n\n - New/updated modules: prims25, adiusbadsl, thinkpad, ieee1394, orinoco, via-rhine,\n\n - Fixed SiS IOAPIC\n\n - IRQ balancing has been fixed for SMP\n\n - Updates to ext3\n\n - The previous ptrace fix has been redone to work better\n\n - Bugs with compiling kernels using xconfig have been fixed\n\n - Problems with ipsec have been corrected\n\n - XFS ACLs are now present\n\n - gdb not working on XFS root filesystems has been fixed\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\nUpdated kernels will be available shortly for other supported platforms and architectures.\n\nFor full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php.\n\nUpdate :\n\nThe kernels provided in MDKSA-2003:066-1 (2.4.21-0.24mdk) had a problem where all files created on any filesystem other than XFS, and using any kernel other than kernel-secure, would be created with mode 0666, or world writeable. The 0.24mdk kernels have been removed from the mirrors and users are encouraged to upgrade and remove those kernels from their systems to prevent accidentally booting into them.\n\nThat issue has been addressed and fixed with these new kernels.", "edition": 6, "reporter": "Tenable", "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2003:066-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2003-0462"], "modified": "2018-11-15T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:kernel-2.4.21.0.25mdk", "cpe:/o:mandrakesoft:mandrake_linux:9.1", "p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-source", "p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-doc"], "id": "MANDRAKE_MDKSA-2003-066.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14049", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2003:066. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14049);\n script_version (\"1.22\");\n script_cvs_date(\"Date: 2018/11/15 20:50:22\");\n\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0462\");\n script_xref(name:\"MDKSA\", value:\"2003:066-2\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2003:066-2)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and fixed in the Linux\nkernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do\n not pad frames with null bytes which allows remote\n attackers to obtain information from previous packets or\n kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4\n kernel and the Netfilter IP conntrack module allows\n remote attackers to cause a Denial of Service (DoS) via\n CPU consumption due to packets with forged source\n addresses that cause a large number of hash table\n collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and\n earlier kernels does not properly restrict privileges,\n which allows local users to gain read or write access to\n certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the\n 2.4 kernel allows attackers to cause a kernel oops\n resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CVE-2003-0462: A file read race existed in the execve()\n system call.\n\nAs well, a number of bug fixes were made in the 9.1 kernel including :\n\n - Support for more machines that did not work with APIC\n\n - Audigy2 support\n\n - New/updated modules: prims25, adiusbadsl, thinkpad,\n ieee1394, orinoco, via-rhine,\n\n - Fixed SiS IOAPIC\n\n - IRQ balancing has been fixed for SMP\n\n - Updates to ext3\n\n - The previous ptrace fix has been redone to work better\n\n - Bugs with compiling kernels using xconfig have been\n fixed\n\n - Problems with ipsec have been corrected\n\n - XFS ACLs are now present\n\n - gdb not working on XFS root filesystems has been fixed\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\nUpdated kernels will be available shortly for other supported\nplatforms and architectures.\n\nFor full instructions on how to properly upgrade your kernel, please\nreview http://www.mandrakesecure.net/en/docs/magic.php.\n\nUpdate :\n\nThe kernels provided in MDKSA-2003:066-1 (2.4.21-0.24mdk) had a\nproblem where all files created on any filesystem other than XFS, and\nusing any kernel other than kernel-secure, would be created with mode\n0666, or world writeable. The 0.24mdk kernels have been removed from\nthe mirrors and users are encouraged to upgrade and remove those\nkernels from their systems to prevent accidentally booting into them.\n\nThat issue has been addressed and fixed with these new kernels.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=105664924024009&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bugtraq&m=105664924024009&w=2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-0.25mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-secure-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-smp-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-source-2.4.21-0.25mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:40:53", "references": ["http://www.debian.org/security/2003/dsa-332"], "pluginID": "15169", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall)\n - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets\n\n - CAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and corrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-332-1 : linux-kernel-2.4.17 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-mips", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-source-2.4.17"], "id": "DEBIAN_DSA-332.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15169", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-332. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15169);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(4259, 6535, 7112, 7600, 7601, 7791, 7793, 7797);\n script_xref(name:\"DSA\", value:\"332\");\n\n script_name(english:\"Debian DSA-332-1 : linux-kernel-2.4.17 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CVE-2002-0429: The iBCS routines in\n arch/i386/kernel/traps.c for Linux kernels 2.4.18 and\n earlier on x86 systems allow local users to kill\n arbitrary processes via a binary compatibility interface\n (lcall)\n - CAN-2003-0001: Multiple ethernet Network Interface Card\n (NIC) device drivers do not pad frames with null bytes,\n which allows remote attackers to obtain information from\n previous packets or kernel memory by using malformed\n packets\n\n - CAN-2003-0127: The kernel module loader allows local\n users to gain root privileges by using ptrace to attach\n to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux\n 2.4, and the Netfilter IP conntrack module, allows\n remote attackers to cause a denial of service (CPU\n consumption) via packets with forged source addresses\n that cause a large number of hash table collisions\n related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel\n 2.4.20 and earlier does not properly restrict\n privileges, which allows local users to gain read or\n write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the\n Linux kernel 2.4 allows attackers to cause a denial of\n service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling\n in the Linux kernel 2.4 allows remote attackers to cause\n a denial of service (CPU consumption) via certain\n packets that cause a large number of hash table\n collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and\ncorrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate\nadvisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-332\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody), these problems have been fixed in\nkernel-source-2.4.17 version 2.4.17-1woody1 and\nkernel-patch-2.4.17-mips version 2.4.17-0.020226.2.woody2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.17\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.17\", reference:\"2.4.17-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r3k-kn02\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r4k-ip22\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r4k-kn04\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r5k-ip22\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-mips\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.17\", reference:\"2.4.17-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mips-tools\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mkcramfs\", reference:\"2.4.17-1woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:36:07", "references": ["http://www.debian.org/security/2003/dsa-311"], "pluginID": "15148", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other architectures will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-311-1 : linux-kernel-2.4.18 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-311.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15148", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-311. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15148);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_xref(name:\"DSA\", value:\"311\");\n\n script_name(english:\"Debian DSA-311-1 : linux-kernel-2.4.18 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux\nkernels 2.4.18 and earlier on x86 systems allow local users to kill\narbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel memory\nby using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4\nallows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to\nmodify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other\narchitectures will be covered by separate advisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-311\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-9,\nkernel-image-2.4.18-1-i386 version 2.4.18-8, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody1.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when\nthe 'bf24' option is selected (for a 2.4.x kernel), you should install\nthe kernel-image-2.4.18-bf2.4 package. If you installed a different\nkernel-image package after installation, you should install the\ncorresponding 2.4.18-1 kernel. You may use the table below as a guide.\n\n| If 'uname -r' shows: | Install this package: | 2.4.18-bf2.4 |\nkernel-image-2.4.18-bf2.4 | 2.4.18-386 | kernel-image-2.4.18-1-386 |\n2.4.18-586tsc | kernel-image-2.4.18-1-586tsc | 2.4.18-686 |\nkernel-image-2.4.18-1-686 | 2.4.18-686-smp |\nkernel-image-2.4.18-1-686-smp | 2.4.18-k6 | kernel-image-2.4.18-1-k6 |\n2.4.18-k7 | kernel-image-2.4.18-1-k7\n\nNOTE: that this kernel is not binary compatible with the previous\nversion. For this reason, the kernel has a different version number\nand will not be installed automatically as part of the normal upgrade\nprocess. Any custom modules will need to be rebuilt in order to work\nwith the new kernel. New PCMCIA modules are provided for all of the\nabove kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.18\", reference:\"2.4.18-9\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-386\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-586tsc\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-686\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-686-smp\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-k6\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-k7\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-bf2.4\", reference:\"2.4.18-5woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-386\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-586tsc\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-686\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-686-smp\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-k6\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-k7\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-bf2.4\", reference:\"2.4.18-5woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-386\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-686\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-k6\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-k7\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.18\", reference:\"2.4.18-9\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"pcmcia-modules-2.4.18-bf2.4\", reference:\"3.1.33-6woody1k5woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-17T03:15:16", "references": ["https://marc.info/?l=bugtraq&m=105664924024009&w=2"], "pluginID": "14057", "description": "Multiple vulnerabilities were discovered and fixed in the Linux kernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which allows remote attackers to obtain information from previous packets or kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module allows remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel allows attackers to cause a kernel oops resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to modify CPU state registers via a malformed address.\n\n - CVE-2003-0462: A file read race existed in the execve() system call.\n\nKernels for 9.1/x86 are also available (see MDKSA-2003:066).\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\n\nFor full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php.", "edition": 6, "reporter": "Tenable", "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2003:074)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0476", "CVE-2003-0244", "CVE-2003-0462"], "modified": "2018-11-15T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:kernel-2.4.19.35mdk", "cpe:/o:mandrakesoft:mandrake_linux:8.2", "p-cpe:/a:mandriva:linux:kernel-secure-2.4.19.35mdk", "p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.19.35mdk", "cpe:/o:mandrakesoft:mandrake_linux:9.0", "p-cpe:/a:mandriva:linux:kernel-source", "p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.19.35mdk", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-smp-2.4.19.35mdk"], "id": "MANDRAKE_MDKSA-2003-074.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14057", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2003:074. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14057);\n script_version (\"1.18\");\n script_cvs_date(\"Date: 2018/11/15 20:50:22\");\n\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0462\", \"CVE-2003-0476\");\n script_xref(name:\"MDKSA\", value:\"2003:074\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2003:074)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and fixed in the Linux\nkernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do\n not pad frames with null bytes which allows remote\n attackers to obtain information from previous packets or\n kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4\n kernel and the Netfilter IP conntrack module allows\n remote attackers to cause a Denial of Service (DoS) via\n CPU consumption due to packets with forged source\n addresses that cause a large number of hash table\n collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and\n earlier kernels does not properly restrict privileges,\n which allows local users to gain read or write access to\n certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the\n 2.4 kernel allows attackers to cause a kernel oops\n resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CVE-2003-0462: A file read race existed in the execve()\n system call.\n\nKernels for 9.1/x86 are also available (see MDKSA-2003:066).\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\n\nFor full instructions on how to properly upgrade your kernel, please\nreview http://www.mandrakesecure.net/en/docs/magic.php.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=105664924024009&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bugtraq&m=105664924024009&w=2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-doc-2.4.19-35mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-secure-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-smp-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-source-2.4.19-35mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-doc-2.4.19-35mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-secure-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-smp-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-source-2.4.19-35mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:33:41", "references": ["http://www.debian.org/security/2003/dsa-312"], "pluginID": "15149", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\nThis advisory covers only the powerpc architecture. Other architectures will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-312-1 : kernel-patch-2.4.18-powerpc - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2018-07-20T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-patch-2.4.18-powerpc"], "id": "DEBIAN_DSA-312.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15149", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-312. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15149);\n script_version(\"1.24\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(6535, 7112, 7600, 7601, 7791, 7793, 7797);\n script_xref(name:\"DSA\", value:\"312\");\n\n script_name(english:\"Debian DSA-312-1 : kernel-patch-2.4.18-powerpc - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux\nkernels 2.4.18 and earlier on x86 systems allow local users to kill\narbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel memory\nby using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4\nallows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to\nmodify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions.\n\nThis advisory covers only the powerpc architecture. Other\narchitectures will be covered by separate advisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-312\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in version 2.4.18-1woody1.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-patch-2.4.18-powerpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-newpmac\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-powerpc\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-powerpc-smp\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.18-powerpc\", reference:\"2.4.18-1woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:59", "references": ["http://www.debian.org/security/2003/dsa-336"], "pluginID": "15173", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CAN-2002-1380: Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.\n - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall)\n\n - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets\n\n - CAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel images for the i386 architecture. Other architectures and kernel versions will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-336-1 : linux-kernel-2.2.20 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2002-1380"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-image-2.2.20-i386", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-source-2.2.20"], "id": "DEBIAN_DSA-336.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15173", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-336. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15173);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2002-1380\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(4259, 6420, 6535, 7112, 7600, 7601, 7791, 7793, 7797);\n script_xref(name:\"DSA\", value:\"336\");\n\n script_name(english:\"Debian DSA-336-1 : linux-kernel-2.2.20 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CAN-2002-1380: Linux kernel 2.2.x allows local users to\n cause a denial of service (crash) by using the mmap()\n function with a PROT_READ parameter to access\n non-readable memory pages through the /proc/pid/mem\n interface.\n - CVE-2002-0429: The iBCS routines in\n arch/i386/kernel/traps.c for Linux kernels 2.4.18 and\n earlier on x86 systems allow local users to kill\n arbitrary processes via a binary compatibility interface\n (lcall)\n\n - CAN-2003-0001: Multiple ethernet Network Interface Card\n (NIC) device drivers do not pad frames with null bytes,\n which allows remote attackers to obtain information from\n previous packets or kernel memory by using malformed\n packets\n\n - CAN-2003-0127: The kernel module loader allows local\n users to gain root privileges by using ptrace to attach\n to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux\n 2.4, and the Netfilter IP conntrack module, allows\n remote attackers to cause a denial of service (CPU\n consumption) via packets with forged source addresses\n that cause a large number of hash table collisions\n related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel\n 2.4.20 and earlier does not properly restrict\n privileges, which allows local users to gain read or\n write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the\n Linux kernel 2.4 allows attackers to cause a denial of\n service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling\n in the Linux kernel 2.4 allows remote attackers to cause\n a denial of service (CPU consumption) via certain\n packets that cause a large number of hash table\n collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel\nimages for the i386 architecture. Other architectures and kernel\nversions will be covered by separate advisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-336\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.2.20 version\n2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\n\nNOTE: These kernels are not binary-compatible with the previous\nversion. Any loadable modules will need to be recompiled in order to\nwork with the new kernel.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-2.2.20-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.2.20\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.2.20\", reference:\"2.2.20-5woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.2.20\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.2.20-compact\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.2.20-idepci\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.2.20\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.2.20-compact\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.2.20-idepci\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.2.20\", reference:\"2.2.20-5woody2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:52:39", "references": ["http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt", "http://isec.pl/vulnerabilities/isec-0013-mremap.txt", "http://www.debian.org/security/2004/dsa-442"], "pluginID": "15279", "description": "Several security related problems have been fixed in the Linux kernel 2.4.17 used for the S/390 architecture, mostly by backporting fixes from 2.4.18 and incorporating recent security fixes. The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project :\n\n - CVE-2002-0429 :\n The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\n - CAN-2003-0001 :\n\n Multiple ethernet network interface card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.\n\n - CAN-2003-0244 :\n\n The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n - CAN-2003-0246 :\n\n The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CAN-2003-0247 :\n\n A vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops').\n\n - CAN-2003-0248 :\n\n The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n - CAN-2003-0364 :\n\n The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\n - CAN-2003-0961 :\n\n An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23.\n\n - CAN-2003-0985 :\n\n Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug.\n Fixed upstream in Linux 2.4.24.\n\n - CAN-2004-0077 :\n\n Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.", "edition": 7, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-442-1 : linux-kernel-2.4.17-s390 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0961", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0985", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2004-0077"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-s390", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-s390"], "id": "DEBIAN_DSA-442.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15279", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-442. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15279);\n script_version(\"1.32\");\n script_cvs_date(\"Date: 2018/07/20 2:17:11\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\", \"CVE-2003-0961\", \"CVE-2003-0985\", \"CVE-2004-0077\");\n script_bugtraq_id(4259, 6535, 7600, 7601, 7791, 7793, 7797, 9138, 9356, 9686);\n script_xref(name:\"CERT\", value:\"981222\");\n script_xref(name:\"DSA\", value:\"442\");\n\n script_name(english:\"Debian DSA-442-1 : linux-kernel-2.4.17-s390 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security related problems have been fixed in the Linux kernel\n2.4.17 used for the S/390 architecture, mostly by backporting fixes\nfrom 2.4.18 and incorporating recent security fixes. The corrections\nare listed below with the identification from the Common\nVulnerabilities and Exposures (CVE) project :\n\n - CVE-2002-0429 :\n The iBCS routines in arch/i386/kernel/traps.c for Linux\n kernels 2.4.18 and earlier on x86 systems allow local\n users to kill arbitrary processes via a binary\n compatibility interface (lcall).\n\n - CAN-2003-0001 :\n\n Multiple ethernet network interface card (NIC) device\n drivers do not pad frames with null bytes, which allows\n remote attackers to obtain information from previous\n packets or kernel memory by using malformed packets, as\n demonstrated by Etherleak.\n\n - CAN-2003-0244 :\n\n The route cache implementation in Linux 2.4, and the\n Netfilter IP conntrack module, allows remote attackers\n to cause a denial of service (CPU consumption) via\n packets with forged source addresses that cause a large\n number of hash table collisions related to the\n PREROUTING chain.\n\n - CAN-2003-0246 :\n\n The ioperm system call in Linux kernel 2.4.20 and\n earlier does not properly restrict privileges, which\n allows local users to gain read or write access to\n certain I/O ports.\n\n - CAN-2003-0247 :\n\n A vulnerability in the TTY layer of the Linux kernel 2.4\n allows attackers to cause a denial of service ('kernel\n oops').\n\n - CAN-2003-0248 :\n\n The mxcsr code in Linux kernel 2.4 allows attackers to\n modify CPU state registers via a malformed address.\n\n - CAN-2003-0364 :\n\n The TCP/IP fragment reassembly handling in the Linux\n kernel 2.4 allows remote attackers to cause a denial of\n service (CPU consumption) via certain packets that cause\n a large number of hash table collisions.\n\n - CAN-2003-0961 :\n\n An integer overflow in brk() system call (do_brk()\n function) for Linux allows a local attacker to gain root\n privileges. Fixed upstream in Linux 2.4.23.\n\n - CAN-2003-0985 :\n\n Paul Starzetz discovered a flaw in bounds checking in\n mremap() in the Linux kernel (present in version 2.4.x\n and 2.6.x) which may allow a local attacker to gain root\n privileges. Version 2.2 is not affected by this bug.\n Fixed upstream in Linux 2.4.24.\n\n - CAN-2004-0077 :\n\n Paul Starzetz and Wojciech Purczynski of isec.pl\n discovered a critical security vulnerability in the\n memory management code of Linux inside the mremap(2)\n system call. Due to missing function return value check\n of internal functions a local attacker can gain root\n privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://isec.pl/vulnerabilities/isec-0013-mremap.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-442\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the Linux kernel packages immediately.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.17-2.woody.3 of s390 images and in version\n0.0.20020816-0.woody.2 of the patch packages.\n\n Vulnerability matrix for CAN-2004-0077\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17\", reference:\"2.4.17-2.woody.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-s390\", reference:\"2.4.17-2.woody.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-s390\", reference:\"0.0.20020816-0.woody.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:29", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "3", "packageVersion": "2.4.18-1woody1", "arch": "all", "packageFilename": "kernel-image-2.4.18-powerpc_2.4.18-1woody1_all.deb", "packageName": "kernel-image-2.4.18-powerpc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3", "packageVersion": "2.4.18-1woody1", "arch": "all", "packageFilename": "kernel-headers-2.4.18_2.4.18-1woody1_all.deb", "packageName": "kernel-headers-2.4.18", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3", "packageVersion": "2.4.18-1woody1", "arch": "all", "packageFilename": "kernel-patch-2.4.18-powerpc_2.4.18-1woody1_all.deb", "packageName": "kernel-patch-2.4.18-powerpc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3", "packageVersion": "2.4.18-1woody1", "arch": "all", "packageFilename": "kernel-image-2.4.18-newpmac_2.4.18-1woody1_all.deb", "packageName": "kernel-image-2.4.18-newpmac", "operator": "lt"}, {"OS": "Debian", "OSVersion": "3", "packageVersion": "2.4.18-1woody1", "arch": "all", "packageFilename": "kernel-image-2.4.18-powerpc-smp_2.4.18-1woody1_all.deb", "packageName": "kernel-image-2.4.18-powerpc-smp", "operator": "lt"}], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 312-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nJune 9th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-patch-2.4.18-powerpc\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE Ids : CVE-2002-0429 CAN-2003-0001 CAN-2003-0127 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364\n\nA number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\n Linux kernels 2.4.18 and earlier on x86 systems allow local users to\n kill arbitrary processes via a a binary compatibility interface\n (lcall)\n\n- - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\n drivers do not pad frames with null bytes, which allows remote\n attackers to obtain information from previous packets or kernel\n memory by using malformed packets\n\n- - CAN-2003-0127: The kernel module loader allows local users to gain\n root privileges by using ptrace to attach to a child process that is\n spawned by the kernel\n\n- - CAN-2003-0244: The route cache implementation in Linux 2.4, and the\n Netfilter IP conntrack module, allows remote attackers to cause a\n denial of service (CPU consumption) via packets with forged source\n addresses that cause a large number of hash table collisions related\n to the PREROUTING chain\n\n- - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\n earlier does not properly restrict privileges, which allows local\n users to gain read or write access to certain I/O ports.\n\n- - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel\n 2.4 allows attackers to cause a denial of service ("kernel oops")\n\n- - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\n to modify CPU state registers via a malformed address.\n\n- - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\n kernel 2.4 allows remote attackers to cause a denial of service (CPU\n consumption) via certain packets that cause a large number of hash\n table collisions\n\nThis advisory covers only the powerpc architecture. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in version 2.4.18-1woody1.\n\nFor the unstable distribution (sid) these problems are fixed in\nversion 2.4.20-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody1.dsc\n Size/MD5 checksum: 713 5e68ebec8c5964802d1c408dbb62d910\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody1.tar.gz\n Size/MD5 checksum: 79339 bfb459f978ac40898f8e10d5e302873d\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody1_all.deb\n Size/MD5 checksum: 78796 63903e7035ddc4c3c054d18c485aa54f\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody1_powerpc.deb\n Size/MD5 checksum: 3415000 6aeb5eab8171baf83cb8e81a30c9397f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody1_powerpc.deb\n Size/MD5 checksum: 9450540 b66d57ddaa4d7dffe99024250935cee2\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody1_powerpc.deb\n Size/MD5 checksum: 10134844 b5e105cc2087c65889ea83eb29fd91ae\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody1_powerpc.deb\n Size/MD5 checksum: 10379272 6829c60296a049950d79ddd0a488f8d4\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2003-06-09T00:00:00", "title": "[SECURITY] [DSA-312-1] New powerpc kernel fixes several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:29", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-09T00:00:00", "id": "DEBIAN:DSA-312-1:543C3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00102.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:12:57", "references": [], "affectedPackage": [], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 336-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nJune 29th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.2.20, kernel-image-2.2.20-i386\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE Ids : CVE-2002-0429 CAN-2003-0001 CAN-2003-0127 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364\n\nA number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\n Linux kernels 2.4.18 and earlier on x86 systems allow local users to\n kill arbitrary processes via a a binary compatibility interface\n (lcall)\n\n- - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\n drivers do not pad frames with null bytes, which allows remote\n attackers to obtain information from previous packets or kernel\n memory by using malformed packets\n\n- - CAN-2003-0127: The kernel module loader allows local users to gain\n root privileges by using ptrace to attach to a child process that is\n spawned by the kernel\n\n- - CAN-2003-0244: The route cache implementation in Linux 2.4, and the\n Netfilter IP conntrack module, allows remote attackers to cause a\n denial of service (CPU consumption) via packets with forged source\n addresses that cause a large number of hash table collisions related\n to the PREROUTING chain\n\n- - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\n earlier does not properly restrict privileges, which allows local\n users to gain read or write access to certain I/O ports.\n\n- - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel\n 2.4 allows attackers to cause a denial of service ("kernel oops")\n\n- - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\n to modify CPU state registers via a malformed address.\n\n- - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\n kernel 2.4 allows remote attackers to cause a denial of service (CPU\n consumption) via certain packets that cause a large number of hash\n table collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel\nimages for the i386 architecture. Other architectures and kernel\nversions will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in kernel-source-2.2.20 version\n2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.2.25 and kernel-image-2.2.25-i386 version 2.2.25-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nNOTE: These kernels are not binary-compatible with the previous\nversion. Any loadable modules will need to be recompiled in order to\nwork with the new kernel.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.2.20/kernel-source-2.2.20_2.2.20-5woody2.dsc\n Size/MD5 checksum: 661 d3215fce4f216c046cccff92446e7918\n http://security.debian.org/pool/updates/main/k/kernel-source-2.2.20/kernel-source-2.2.20_2.2.20-5woody2.diff.gz\n Size/MD5 checksum: 159446 a579fda249086961d987de8781049f78\n http://security.debian.org/pool/updates/main/k/kernel-source-2.2.20/kernel-source-2.2.20_2.2.20.orig.tar.gz\n Size/MD5 checksum: 19394649 57c0edf86cb23a5b215db9121c9b3557\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-i386_2.2.20-5woody3.dsc\n Size/MD5 checksum: 834 fa03ee805dd5024d730f49e0316dbf53\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-i386_2.2.20-5woody3.tar.gz\n Size/MD5 checksum: 13928 0ccb61809634f83fd20de3079deb297c\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.2.20/kernel-doc-2.2.20_2.2.20-5woody2_all.deb\n Size/MD5 checksum: 1162314 d3f23563af939c6d1f68860ce0419744\n http://security.debian.org/pool/updates/main/k/kernel-source-2.2.20/kernel-source-2.2.20_2.2.20-5woody2_all.deb\n Size/MD5 checksum: 15848472 0682fd4283579c341fa9ca27461cbad0\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20_2.2.20-5woody3_i386.deb\n Size/MD5 checksum: 1918624 d1d1f98e147fdf12a7374ff705ba89a7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20-compact_2.2.20-5woody3_i386.deb\n Size/MD5 checksum: 1867132 93d8ac12f8a884913ad88aeeb7a8ea1b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-headers-2.2.20-idepci_2.2.20-5woody3_i386.deb\n Size/MD5 checksum: 1839328 e3fb8a95dd2a1ba641fd598a019879c0\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20_2.2.20-5woody3_i386.deb\n Size/MD5 checksum: 5901626 3fa8bae1676466e02992a1ce80009697\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-compact_2.2.20-5woody3_i386.deb\n Size/MD5 checksum: 1733362 5d5293e99f68cbabb1489226903f4895\n http://security.debian.org/pool/updates/main/k/kernel-image-2.2.20-i386/kernel-image-2.2.20-idepci_2.2.20-5woody3_i386.deb\n Size/MD5 checksum: 1395212 70389d3561e392a5487b493d24e2abfe\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2003-06-29T00:00:00", "title": "[SECURITY] [DSA-336-1] New Linux 2.2.20 packages and i386 kernel images fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:12:57", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-29T00:00:00", "id": "DEBIAN:DSA-336-1:77295", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00130.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:13:36", "references": [], "affectedPackage": [], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 311-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nJune 8th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE Ids : CVE-2002-0429 CAN-2003-0001 CAN-2003-0127 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364\n\nA number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\n Linux kernels 2.4.18 and earlier on x86 systems allow local users to\n kill arbitrary processes via a a binary compatibility interface\n (lcall)\n\n- - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\n drivers do not pad frames with null bytes, which allows remote\n attackers to obtain information from previous packets or kernel\n memory by using malformed packets\n\n- - CAN-2003-0127: The kernel module loader allows local users to gain\n root privileges by using ptrace to attach to a child process that is\n spawned by the kernel\n\n- - CAN-2003-0244: The route cache implementation in Linux 2.4, and the\n Netfilter IP conntrack module, allows remote attackers to cause a\n denial of service (CPU consumption) via packets with forged source\n addresses that cause a large number of hash table collisions related\n to the PREROUTING chain\n\n- - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\n earlier does not properly restrict privileges, which allows local\n users to gain read or write access to certain I/O ports.\n\n- - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel\n 2.4 allows attackers to cause a denial of service ("kernel oops")\n\n- - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\n to modify CPU state registers via a malformed address.\n\n- - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\n kernel 2.4 allows remote attackers to cause a denial of service (CPU\n consumption) via certain packets that cause a large number of hash\n table collisions\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-9,\nkernel-image-2.4.18-1-i386 version 2.4.18-8, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody1.\n\nFor the unstable distribution (sid) these problems are fixed in the\n2.4.20 series kernels based on Debian sources.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when\nthe "bf24" option is selected (for a 2.4.x kernel), you should install\nthe kernel-image-2.4.18-bf2.4 package. If you installed a different\nkernel-image package after installation, you should install the\ncorresponding 2.4.18-1 kernel. You may use the table below as a\nguide.\n\n| If "uname -r" shows: | Install this package:\n- ------------------------------------------------------\n| 2.4.18-bf2.4 | kernel-image-2.4.18-bf2.4\n| 2.4.18-386 | kernel-image-2.4.18-1-386\n| 2.4.18-586tsc | kernel-image-2.4.18-1-586tsc\n| 2.4.18-686 | kernel-image-2.4.18-1-686\n| 2.4.18-686-smp | kernel-image-2.4.18-1-686-smp\n| 2.4.18-k6 | kernel-image-2.4.18-1-k6\n| 2.4.18-k7 | kernel-image-2.4.18-1-k7\n\nNOTE: that this kernel is not binary compatible with the previous\nversion. For this reason, the kernel has a different version number\nand will not be installed automatically as part of the normal upgrade\nprocess. Any custom modules will need to be rebuilt in order to work\nwith the new kernel. New PCMCIA modules are provided for all of the\nabove kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-8.dsc\n Size/MD5 checksum: 1322 945d8d05b054684880e3af31b28a9e49\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-8.tar.gz\n Size/MD5 checksum: 69411 0fa830e16d4f5e46fe1f0ebe0343d11c\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-8_i386.deb\n Size/MD5 checksum: 3397470 b79b975b73aa31da8b9938aba905a9f6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-8_i386.deb\n Size/MD5 checksum: 3487116 90799a6ccc058be247b235c21ec61503\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-8_i386.deb\n Size/MD5 checksum: 3487614 9453587923dd16a964b028d4ba2f9a63\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-8_i386.deb\n Size/MD5 checksum: 3487368 5513db336e824b2d16aa503a292047f0\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-8_i386.deb\n Size/MD5 checksum: 3488672 afbb191c23dfabb30fe7a8aa1a99bd1f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-8_i386.deb\n Size/MD5 checksum: 3487282 70ee63953c653de7dfa83531b8ce1245\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-8_i386.deb\n Size/MD5 checksum: 3487402 27c7b5077ed009217a01dbeafa311915\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-8_i386.deb\n Size/MD5 checksum: 8795814 1cc6de04aa29d9766d48c4c36ae64b3e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-8_i386.deb\n Size/MD5 checksum: 8703468 43a2d50765140751ac8fd878f7b66950\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-8_i386.deb\n Size/MD5 checksum: 8700336 894ded8e3e34be04b741ac706d5cc288\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-8_i386.deb\n Size/MD5 checksum: 8959054 b59983d4ed1d9f214fe17bf624a85df7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-8_i386.deb\n Size/MD5 checksum: 8659474 6d86c580433b69464c238e69eec8ad9e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-8_i386.deb\n Size/MD5 checksum: 8861530 5f1935679b4628636f8da61f54a95fee\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-8_i386.deb\n Size/MD5 checksum: 227910 06d05b43ca1a5ec9700274f6d1035c31\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-8_i386.deb\n Size/MD5 checksum: 227482 c5f357cf54a363ff62f6037a41a0702a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-8_i386.deb\n Size/MD5 checksum: 226924 9d8aa23b21e71aa603c66f47f35e967f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-8_i386.deb\n Size/MD5 checksum: 230574 7d25c186114a62b609bedab0f5354d0b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-8_i386.deb\n Size/MD5 checksum: 226564 540eabdaf90bcda800221c712c996524\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-8_i386.deb\n Size/MD5 checksum: 229836 d63194dd5ae452d0a7d814ee9b75a60a\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody1.dsc\n Size/MD5 checksum: 653 d3a0a6b26b6282d9ba8af5c2f7008378\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody1.tar.gz\n Size/MD5 checksum: 25420 66fe5aac9c60c4dfa865d563dfbbaed5\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody1_i386.deb\n Size/MD5 checksum: 3409156 325717b6867a715d5a0ef8364d8cb29c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody1_i386.deb\n Size/MD5 checksum: 6423164 d510d8aaedbeb91fa2e90e9cabf5b39b\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-9.dsc\n Size/MD5 checksum: 796 fac77414e913e144645d22048b19bf01\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-9.diff.gz\n Size/MD5 checksum: 60409 443b9fee98c7d22995efbdeca3ca1afc\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz\n Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-9_all.deb\n Size/MD5 checksum: 1709588 9bbb7ae427dc843d0c5ebe0f4a013cb4\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-9_all.deb\n Size/MD5 checksum: 23885800 e12cb29bd638ec9bdedacd07f31a6921\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/p/pcmcia-cs/pcmcia-modules-2.4.18-bf2.4_3.1.33-6woody1k5woody1_i386.deb\n Size/MD5 checksum: 403194 30c203861afa9678cc5fb08f90021ba6\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2003-06-08T00:00:00", "title": "[SECURITY] [DSA-311-1] New kernel packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:36", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-08T00:00:00", "id": "DEBIAN:DSA-311-1:8C207", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00100.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:13:03", "references": [], "affectedPackage": [], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 332-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nJune 27th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.17, kernel-patch-2.4.17-mips\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE Ids : CVE-2002-0429 CAN-2003-0001 CAN-2003-0127 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364\n\nA number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\n Linux kernels 2.4.18 and earlier on x86 systems allow local users to\n kill arbitrary processes via a a binary compatibility interface\n (lcall)\n\n- - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\n drivers do not pad frames with null bytes, which allows remote\n attackers to obtain information from previous packets or kernel\n memory by using malformed packets\n\n- - CAN-2003-0127: The kernel module loader allows local users to gain\n root privileges by using ptrace to attach to a child process that is\n spawned by the kernel\n\n- - CAN-2003-0244: The route cache implementation in Linux 2.4, and the\n Netfilter IP conntrack module, allows remote attackers to cause a\n denial of service (CPU consumption) via packets with forged source\n addresses that cause a large number of hash table collisions related\n to the PREROUTING chain\n\n- - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\n earlier does not properly restrict privileges, which allows local\n users to gain read or write access to certain I/O ports.\n\n- - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel\n 2.4 allows attackers to cause a denial of service ("kernel oops")\n\n- - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\n to modify CPU state registers via a malformed address.\n\n- - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\n kernel 2.4 allows remote attackers to cause a denial of service (CPU\n consumption) via certain packets that cause a large number of hash\n table collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and\ncorrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate\nadvisories.\n\nFor the stable distribution (woody), these problems have been fixed in\nkernel-source-2.4.17 version 2.4.17-1woody1 and\nkernel-patch-2.4.17-mips version 2.4.17-0.020226.2.woody2.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.4.20 version 2.4.20-8.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody2.dsc\n Size/MD5 checksum: 786 22545e621e57307760966baa10b841fc\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody2.tar.gz\n Size/MD5 checksum: 1146581 9f28eec81b8eb17d10b92655304ee892\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody2_all.deb\n Size/MD5 checksum: 1148854 3b24c4ea5d2d64219de78708abe97457\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody2_mips.deb\n Size/MD5 checksum: 3475338 10faf449f8d96e17f6bf250b83de9b09\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody2_mips.deb\n Size/MD5 checksum: 2042164 5d9c3e556d4b25a3966bbd2e1b2db765\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody2_mips.deb\n Size/MD5 checksum: 2041978 02f5c02d1937ef5aed708e975e828b3f\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody2_mipsel.deb\n Size/MD5 checksum: 3474076 708d1aefc6b95869373cbd3beec2643d\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody2_mipsel.deb\n Size/MD5 checksum: 2196544 42b2446e2c7b19cc3c5ddc674e3f7d06\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody2_mipsel.deb\n Size/MD5 checksum: 2192732 c531b9515e1e7ac9b555a6ebc58fd172\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/mips-tools_2.4.17-0.020226.2.woody2_mipsel.deb\n Size/MD5 checksum: 14884 341113e795e533fb6de04eb49ad17c97\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody1.dsc\n Size/MD5 checksum: 690 4c2994b996abb2960711fe1e6e962712\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody1.diff.gz\n Size/MD5 checksum: 38092 4cec4a35b4bbd27a9f54a6c9d9dc5019\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17.orig.tar.gz\n Size/MD5 checksum: 29445154 d5de2a4dc49e32c37e557ef856d5d132\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-doc-2.4.17_2.4.17-1woody1_all.deb\n Size/MD5 checksum: 1719692 ec59d9331d0654a67859c40ab3abf260\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody1_all.deb\n Size/MD5 checksum: 23878706 031649d73da791becf1c4f0c69d13ce1\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_alpha.deb\n Size/MD5 checksum: 16510 381f00dd2c315eb7926dd18a039a4d4a\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_arm.deb\n Size/MD5 checksum: 15224 37d883ab4530e22b28b29c86ccbe4c0a\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_i386.deb\n Size/MD5 checksum: 14876 46fa25b8cce097c219e16d96947abb7d\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_ia64.deb\n Size/MD5 checksum: 18600 503f0919f883668553f8bd973c84eb98\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_hppa.deb\n Size/MD5 checksum: 16216 90ba4a9476c5126fc581331866f59040\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_m68k.deb\n Size/MD5 checksum: 14718 e316ab0b4c10c64f9644667c475c53ac\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_mips.deb\n Size/MD5 checksum: 15884 3498ee16ddc2738919e244282087ab7f\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_mipsel.deb\n Size/MD5 checksum: 15882 4feae5bd3f11ce0e326fa9f0dfb00c74\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_powerpc.deb\n Size/MD5 checksum: 15618 44262ab37f81982802aeef31d9688d79\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_s390.deb\n Size/MD5 checksum: 15750 54f39327009b585031595a8d89628bca\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody1_sparc.deb\n Size/MD5 checksum: 17710 1967f9527247961f55e98d7d6edc4d86\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 1, "reporter": "Debian", "published": "2003-06-28T00:00:00", "title": "[SECURITY] [DSA-332-1] New Linux 2.4.17 source code and MIPS kernel images fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:03", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-28T00:00:00", "id": "DEBIAN:DSA-332-1:21823", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00126.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:13:36", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "3", "packageVersion": "2.4.17-2.woody.3", "arch": "all", "packageFilename": "kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390_2.4.17-2.woody.3_all.deb", "packageName": "kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390", "operator": "lt"}], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 442-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nFebruary 19th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE ID : CAN-2003-0001 CAN-2003-0244 CAN-2003-0246 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364 CAN-2003-0961 CAN-2003-0985 CAN-2004-0077 CVE-2002-0429\n\nSeveral security related problems have been fixed in the Linux kernel\n2.4.17 used for the S/390 architecture, mostly by backporting fixes\nfrom 2.4.18 and incorporating recent security fixes. The corrections\nare listed below with the identification from the Common\nVulnerabilities and Exposures (CVE) project:\n\nCAN-2002-0429:\n\n The iBCS routines in arch/i386/kernel/traps.c for Linux kernels\n 2.4.18 and earlier on x86 systems allow local users to kill\n arbitrary processes via a a binary compatibility interface (lcall)\n\nCAN-2003-0001:\n\n Multiple ethernet network interface card (NIC) device drivers do\n not pad frames with null bytes, which allows remote attackers to\n obtain information from previous packets or kernel memory by using\n malformed packets, as demonstrated by Etherleak.\n\nCAN-2003-0244:\n\n The route cache implementation in Linux 2.4, and the Netfilter IP\n conntrack module, allows remote attackers to cause a denial of\n service (CPU consumption) via packets with forged source addresses\n that cause a large number of hash table collisions related to the\n PREROUTING chain\n\nCAN-2003-0246:\n\n The ioperm system call in Linux kernel 2.4.20 and earlier does not\n properly restrict privileges, which allows local users to gain read\n or write access to certain I/O ports.\n\nCAN-2003-0247:\n\n A vulnerability in the TTY layer of the Linux kernel 2.4 allows\n attackers to cause a denial of service ("kernel oops").\n\nCAN-2003-0248:\n\n The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU\n state registers via a malformed address.\n\nCAN-2003-0364:\n\n The TCP/IP fragment reassembly handling in the Linux kernel 2.4\n allows remote attackers to cause a denial of service (CPU\n consumption) via certain packets that cause a large number of hash\n table collisions\n\nCAN-2003-0961:\n\n An integer overflow in brk() system call (do_brk() function) for\n Linux allows a local attacker to gain root privileges. Fixed\n upstream in Linux 2.4.23.\n\nCAN-2003-0985:\n\n Paul Starzetz discovered a flaw in bounds checking in mremap() in\n the Linux kernel (present in version 2.4.x and 2.6.x) which may\n allow a local attacker to gain root privileges. Version 2.2 is not\n affected by this bug. Fixed upstream in Linux 2.4.24.\n\nCAN-2004-0077:\n\n Paul Starzetz and Wojciech Purczynski of isec.pl discovered a\n critical security vulnerability in the memory management code of\n Linux inside the mremap(2) system call. Due to missing function\n return value check of internal functions a local attacker can gain\n root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.17-2.woody.3 of s390 images and in version\n0.0.20020816-0.woody.2 of the patch packages.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your Linux kernel packages immediately.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2.dsc\n Size/MD5 checksum: 754 8f59252c74198c796f544ac312cbf522\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2.diff.gz\n Size/MD5 checksum: 5824 81d3c045df500f3e2da56de87b4c434d\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816.orig.tar.gz\n Size/MD5 checksum: 338001 5979fbe7c3325033536dfd3914e22dbd\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.3.dsc\n Size/MD5 checksum: 793 fd4b67d1ba928ded93263c2d95327b65\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.3.tar.gz\n Size/MD5 checksum: 7866 50f9e176f8d7fbf6eb6124bf864e6c48\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2_all.deb\n Size/MD5 checksum: 300766 03b0017cad1c479c4109c0ad5f072ab0\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-headers-2.4.17_2.4.17-2.woody.3_s390.deb\n Size/MD5 checksum: 3335312 84663c81b952cfa9407c84985f5623d7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.3_s390.deb\n Size/MD5 checksum: 1342758 b5cd48b7cde59c3893c983d95e451a23\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 1, "reporter": "Debian", "published": "2004-02-19T00:00:00", "title": "[SECURITY] [DSA 442-1] New Linux 2.4.17 packages fix local root exploits and more (s390)", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:36", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0961", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0985", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2004-0077"], "modified": "2004-02-19T00:00:00", "id": "DEBIAN:DSA-442-1:2E9B0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00038.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:03", "references": [], "pluginID": "53601", "description": "The remote host is missing an update to kernel-patch-2.4.18-powerpc\nannounced via advisory DSA 312-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53601", "id": "OPENVAS:53601", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_312_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 312-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\nLinux kernels 2.4.18 and earlier on x86 systems allow local users to\nkill arbitrary processes via a a binary compatibility interface\n(lcall)\n\n- - CVE-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel\nmemory by using malformed packets\n\n- - CVE-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel\n\n- - CVE-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain\n\n- - CVE-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\n- - CVE-2003-0247: vulnerability in the TTY layer of the Linux kernel\n2.4 allows attackers to cause a denial of service ('kernel oops')\n\n- - CVE-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\nto modify CPU state registers via a malformed address.\n\n- - CVE-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions\n\nThis advisory covers only the powerpc architecture. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in version 2.4.18-1woody1.\n\nFor the unstable distribution (sid) these problems are fixed in\nversion 2.4.20-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\";\ntag_summary = \"The remote host is missing an update to kernel-patch-2.4.18-powerpc\nannounced via advisory DSA 312-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20312-1\";\n\nif(description)\n{\n script_id(53601);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.18-powerpc\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-newpmac\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-powerpc\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-powerpc-smp\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:55", "references": [], "pluginID": "53694", "description": "The remote host is missing an update to kernel\nannounced via advisory DSA 311-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 311-1 (kernel)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53694", "id": "OPENVAS:53694", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_311_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 311-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-9,\nkernel-image-2.4.18-1-i386 version 2.4.18-8, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody1.\n\nFor the unstable distribution (sid) these problems are fixed in the\n2.4.20 series kernels based on Debian sources.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when\nthe 'bf24' option is selected (for a 2.4.x kernel), you should install\nthe kernel-image-2.4.18-bf2.4 package. If you installed a different\nkernel-image package after installation, you should install the\ncorresponding 2.4.18-1 kernel. You may use the table below as a\nguide.\n\n* If 'uname -r' shows: * Install this package:\n- ------------------------------------------------------\n* 2.4.18-bf2.4 * kernel-image-2.4.18-bf2.4\n* 2.4.18-386 * kernel-image-2.4.18-1-386\n* 2.4.18-586tsc * kernel-image-2.4.18-1-586tsc\n* 2.4.18-686 * kernel-image-2.4.18-1-686\n* 2.4.18-686-smp * kernel-image-2.4.18-1-686-smp\n* 2.4.18-k6 * kernel-image-2.4.18-1-k6\n* 2.4.18-k7 * kernel-image-2.4.18-1-k7\n\nNOTE: that this kernel is not binary compatible with the previous\nversion. For this reason, the kernel has a different version number\nand will not be installed automatically as part of the normal upgrade\nprocess. Any custom modules will need to be rebuilt in order to work\nwith the new kernel. New PCMCIA modules are provided for all of the\nabove kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory DSA 311-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20311-1\";\n\nif(description)\n{\n script_id(53694);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 311-1 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-386\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-586tsc\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k6\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k7\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-386\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-586tsc\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k6\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k7\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-386\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k6\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k7\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-bf2.4\", ver:\"2.4.18-5woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-bf2.4\", ver:\"2.4.18-5woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.18\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.18\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.18-bf2.4\", ver:\"3.1.33-6woody1k5woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:13", "references": [], "pluginID": "53625", "description": "The remote host is missing an update to kernel-source-2.2.20, kernel-image-2.2.20-i386\nannounced via advisory DSA 336-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20-i386)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53625", "id": "OPENVAS:53625", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_336_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 336-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\nLinux kernels 2.4.18 and earlier on x86 systems allow local users to\nkill arbitrary processes via a a binary compatibility interface\n(lcall)\n\n- - CVE-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel\nmemory by using malformed packets\n\n- - CVE-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel\n\n- - CVE-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain\n\n- - CVE-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\n- - CVE-2003-0247: vulnerability in the TTY layer of the Linux kernel\n2.4 allows attackers to cause a denial of service ('kernel oops')\n\n- - CVE-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\nto modify CPU state registers via a malformed address.\n\n- - CVE-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel\nimages for the i386 architecture. Other architectures and kernel\nversions will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in kernel-source-2.2.20 version\n2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.2.25 and kernel-image-2.2.25-i386 version 2.2.25-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nNOTE: These kernels are not binary-compatible with the previous\nversion. Any loadable modules will need to be recompiled in order to\nwork with the new kernel.\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.2.20, kernel-image-2.2.20-i386\nannounced via advisory DSA 336-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20336-1\";\n\nif(description)\n{\n script_id(53625);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20-i386)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.2.20\", ver:\"2.2.20-5woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.2.20\", ver:\"2.2.20-5woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.2.20\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.2.20-compact\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.2.20-idepci\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.2.20\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.2.20-compact\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.2.20-idepci\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:23", "references": [], "pluginID": "53621", "description": "The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips\nannounced via advisory DSA 332-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "title": "Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53621", "id": "OPENVAS:53621", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_332_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 332-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\nLinux kernels 2.4.18 and earlier on x86 systems allow local users to\nkill arbitrary processes via a a binary compatibility interface\n(lcall)\n\n- - CVE-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel\nmemory by using malformed packets\n\n- - CVE-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel\n\n- - CVE-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain\n\n- - CVE-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\n- - CVE-2003-0247: vulnerability in the TTY layer of the Linux kernel\n2.4 allows attackers to cause a denial of service ('kernel oops')\n\n- - CVE-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\nto modify CPU state registers via a malformed address.\n\n- - CVE-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and\ncorrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate\nadvisories.\n\nFor the stable distribution (woody), these problems have been fixed in\nkernel-source-2.4.17 version 2.4.17-1woody1 and\nkernel-patch-2.4.17-mips version 2.4.17-0.020226.2.woody2.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.4.20 version 2.4.20-8.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips\nannounced via advisory DSA 332-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20332-1\";\n\nif(description)\n{\n script_id(53621);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-mips\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r4k-ip22\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r5k-ip22\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r3k-kn02\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r4k-kn04\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mips-tools\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.17\", ver:\"2.4.17-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17\", ver:\"2.4.17-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mkcramfs\", ver:\"2.4.17-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "references": [], "pluginID": "53142", "description": "The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390\nannounced via advisory DSA 442-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0961", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0985", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2004-0077"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53142", "id": "OPENVAS:53142", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_442_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 442-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several security related problems have been fixed in the Linux kernel\n2.4.17 used for the S/390 architecture, mostly by backporting fixes\nfrom 2.4.18 and incorporating recent security fixes. \n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.17-2.woody.3 of s390 images and in version\n0.0.20020816-0.woody.2 of the patch packages.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your Linux kernel packages immediately.\";\ntag_summary = \"The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390\nannounced via advisory DSA 442-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20442-1\";\n\nif(description)\n{\n script_id(53142);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\", \"CVE-2003-0961\", \"CVE-2003-0985\", \"CVE-2004-0077\", \"CVE-2002-0429\", \"CVE-2002-0429\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-s390\", ver:\"0.0.20020816-0.woody.2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17\", ver:\"2.4.17-2.woody.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-s390\", ver:\"2.4.17-2.woody.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
