{"osvdb": [{"lastseen": "2017-04-28T13:19:59", "references": [], "edition": 1, "description": "## Vulnerability Description\nLinux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the Linux kernel function \"set_fpxregs\" doesn't consider the \"__copy_from_user\" failed condition. This could cause the contents of the MXCSR register to be corrupted, and potentially cause a reserved bit within the register to be unexpectedly set, resulting in loss of availability for the platform.\n## Technical Description\nFrom the vulnerable source code in the kernel:\n\n475 int set_fpxregs( struct task_struct *tsk, struct user_fxsr_struct *buf )\n476 {\n477 if ( cpu_has_fxsr ) {\n478 __copy_from_user( &tsk->thread.i387.fxsave, (void *)buf,\n479 sizeof(struct user_fxsr_struct) );\n480 /* mxcsr bit 6 and 31-16 must be zero for security reasons */\n481 tsk->thread.i387.fxsave.mxcsr &= 0xffbf;\n482 return 0;\n483 } else {\n484 return -EIO;\n485 }\n486 }\n\nIf the __copy_from_user in line 478 fails, it will jump over line 481. This could leave a sizeable amount of garbage in the MXCSR register and trigger a general protection fault within the kernel.\n## Solution Description\nUpgrade the linux kernel to version 2.4.23 or higher, as it has been reported to fix this vulnerability. This can be done through various Linux vendor patches or manually installing a newer kernel. An upgrade is required as there are no known workarounds.\n## Short Description\nLinux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the Linux kernel function \"set_fpxregs\" doesn't consider the \"__copy_from_user\" failed condition. This could cause the contents of the MXCSR register to be corrupted, and potentially cause a reserved bit within the register to be unexpectedly set, resulting in loss of availability for the platform.\n## References:\n[Vendor Specific Advisory URL](http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000701)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-332)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-336)\n[Vendor Specific Advisory URL](https://rhn.redhat.com/errata/RHSA-2003-187.html)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-311)\n[Vendor Specific Advisory URL](http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/MSS-OAR-E01-2003.0946.1)\n[Vendor Specific Advisory URL](http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000796)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2003/dsa-312)\n[Vendor Specific Advisory URL](https://rhn.redhat.com/errata/RHSA-2003-195.html)\n[Vendor Specific Advisory URL](http://cc.turbolinux.com/security/TLSA-2003-41.txt)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2004/dsa-442)\nOther Advisory URL: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:066-2\nISS X-Force ID: 12159\n[CVE-2003-0248](https://vulners.com/cve/CVE-2003-0248)\nBugtraq ID: 7793\n", "reporter": "Andrea Arcangeli(andrea@e-mind.com)", "published": "2003-06-03T00:00:00", "type": "osvdb", "title": "Linux Kernel mxcsr CPU State Register Modification", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Kernel", "version": "2.4.20", "operator": "eq"}, {"name": "Kernel", "version": "2.4.1", "operator": "eq"}, {"name": "Kernel", "version": "2.4.18", "operator": "eq"}, {"name": "Kernel", "version": "2.4.10", "operator": "eq"}, {"name": "Kernel", "version": "2.4.21", "operator": "eq"}, {"name": "Kernel", "version": "2.4.13", "operator": "eq"}, {"name": "Kernel", "version": "2.4.3", "operator": "eq"}, {"name": "Kernel", "version": "2.4.15", "operator": "eq"}, {"name": "Kernel", "version": "2.4.17", "operator": "eq"}, {"name": "Kernel", "version": "2.4.0", "operator": "eq"}, {"name": "Kernel", "version": "2.4.8", "operator": "eq"}, {"name": "Kernel", "version": "2.4.12", "operator": "eq"}, {"name": "Kernel", "version": "2.4.2", "operator": "eq"}, {"name": "Kernel", "version": "2.4.16", "operator": "eq"}, {"name": "Kernel", "version": "2.4.5", "operator": "eq"}, {"name": "Kernel", "version": "2.0.22", "operator": "eq"}, {"name": "Kernel", "version": "2.4.19", "operator": "eq"}, {"name": "Kernel", "version": "2.4.9", "operator": "eq"}, {"name": "Kernel", "version": "2.4.4", "operator": "eq"}, {"name": "Kernel", "version": "2.4.14", "operator": "eq"}, {"name": "Kernel", "version": "2.4.6", "operator": "eq"}, {"name": "Kernel", "version": "2.4.11", "operator": "eq"}, {"name": "Kernel", "version": "2.4.7", "operator": "eq"}, {"name": "Kernel", "version": "2.2.18", "operator": "eq"}], "cvelist": ["CVE-2003-0248"], "modified": "2003-06-03T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4456", "id": "OSVDB:4456", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:38:22", "references": ["http://rhn.redhat.com/errata/RHSA-2003-195.html", "https://www.redhat.com/security/data/cve/CVE-2003-0248.html", "https://www.redhat.com/security/data/cve/CVE-2001-1572.html", "https://www.redhat.com/security/data/cve/CVE-2003-0364.html", "https://www.redhat.com/security/data/cve/CVE-2003-0247.html"], "pluginID": "12401", "description": "Updated kernel packages for Red Hat Enterprise Linux are now available which address several security vulnerabilities.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nSeveral security issues have been found that affect the Linux kernel :\n\nAl Viro found a security issue in the tty layer whereby any user could cause a kernel oops. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0247 to this issue.\n\nAndrea Arcangeli found an issue in the low-level mxcsr code in which a malformed address would leave garbage in cpu state registers. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0248 to this issue.\n\nThe TCP/IP fragment reassembly handling allows remote attackers to cause a denial of service (CPU consumption) via packets that cause a large number of hash table collisions, a vulnerability similar to CVE-2003-0244. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0364 to this issue.\n\nThese kernels also contain updated fixes for the ioperm security issue, as well as fixes for a number of bugs.\n\nIt is recommended that users upgrade to these erratum kernels, which contain patches to correct these vulnerabilities.", "edition": 6, "reporter": "Tenable", "published": "2004-07-06T00:00:00", "title": "RHEL 2.1 : kernel (RHSA-2003:195)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0364", "CVE-2001-1572"], "modified": "2018-07-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-BOOT", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-summit", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-enterprise"], "id": "REDHAT-RHSA-2003-195.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=12401", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2003:195. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(12401);\n script_version (\"1.25\");\n script_cvs_date(\"Date: 2018/07/25 18:58:04\");\n\n script_cve_id(\"CVE-2001-1572\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(7791, 7797);\n script_xref(name:\"RHSA\", value:\"2003:195\");\n\n script_name(english:\"RHEL 2.1 : kernel (RHSA-2003:195)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages for Red Hat Enterprise Linux are now available\nwhich address several security vulnerabilities.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nSeveral security issues have been found that affect the Linux kernel :\n\nAl Viro found a security issue in the tty layer whereby any user could\ncause a kernel oops. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0247 to this issue.\n\nAndrea Arcangeli found an issue in the low-level mxcsr code in which a\nmalformed address would leave garbage in cpu state registers. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2003-0248 to this issue.\n\nThe TCP/IP fragment reassembly handling allows remote attackers to\ncause a denial of service (CPU consumption) via packets that cause a\nlarge number of hash table collisions, a vulnerability similar to\nCVE-2003-0244. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0364 to this issue.\n\nThese kernels also contain updated fixes for the ioperm security\nissue, as well as fixes for a number of bugs.\n\nIt is recommended that users upgrade to these erratum kernels, which\ncontain patches to correct these vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2001-1572.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2003-0247.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2003-0248.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2003-0364.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2003-195.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-enterprise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-summit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2003:195\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-debug-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-enterprise-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-headers-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-smp-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-source-2.4.9-e.25\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-summit-2.4.9-e.25\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-debug / kernel-doc / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:38:25", "references": ["http://marc.info/?l=bugtraq&m=105664924024009&w=2"], "pluginID": "14049", "description": "Multiple vulnerabilities were discovered and fixed in the Linux kernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which allows remote attackers to obtain information from previous packets or kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module allows remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel allows attackers to cause a kernel oops resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to modify CPU state registers via a malformed address.\n\n - CVE-2003-0462: A file read race existed in the execve() system call.\n\nAs well, a number of bug fixes were made in the 9.1 kernel including :\n\n - Support for more machines that did not work with APIC\n\n - Audigy2 support\n\n - New/updated modules: prims25, adiusbadsl, thinkpad, ieee1394, orinoco, via-rhine,\n\n - Fixed SiS IOAPIC\n\n - IRQ balancing has been fixed for SMP\n\n - Updates to ext3\n\n - The previous ptrace fix has been redone to work better\n\n - Bugs with compiling kernels using xconfig have been fixed\n\n - Problems with ipsec have been corrected\n\n - XFS ACLs are now present\n\n - gdb not working on XFS root filesystems has been fixed\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\nUpdated kernels will be available shortly for other supported platforms and architectures.\n\nFor full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php.\n\nUpdate :\n\nThe kernels provided in MDKSA-2003:066-1 (2.4.21-0.24mdk) had a problem where all files created on any filesystem other than XFS, and using any kernel other than kernel-secure, would be created with mode 0666, or world writeable. The 0.24mdk kernels have been removed from the mirrors and users are encouraged to upgrade and remove those kernels from their systems to prevent accidentally booting into them.\n\nThat issue has been addressed and fixed with these new kernels.", "edition": 5, "reporter": "Tenable", "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2003:066-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2003-0462"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:kernel-2.4.21.0.25mdk", "cpe:/o:mandrakesoft:mandrake_linux:9.1", "p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-source", "p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.25mdk", "p-cpe:/a:mandriva:linux:kernel-doc"], "id": "MANDRAKE_MDKSA-2003-066.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14049", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2003:066. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14049);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/07/19 20:59:12\");\n\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0462\");\n script_xref(name:\"MDKSA\", value:\"2003:066-2\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2003:066-2)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and fixed in the Linux\nkernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do\n not pad frames with null bytes which allows remote\n attackers to obtain information from previous packets or\n kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4\n kernel and the Netfilter IP conntrack module allows\n remote attackers to cause a Denial of Service (DoS) via\n CPU consumption due to packets with forged source\n addresses that cause a large number of hash table\n collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and\n earlier kernels does not properly restrict privileges,\n which allows local users to gain read or write access to\n certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the\n 2.4 kernel allows attackers to cause a kernel oops\n resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CVE-2003-0462: A file read race existed in the execve()\n system call.\n\nAs well, a number of bug fixes were made in the 9.1 kernel including :\n\n - Support for more machines that did not work with APIC\n\n - Audigy2 support\n\n - New/updated modules: prims25, adiusbadsl, thinkpad,\n ieee1394, orinoco, via-rhine,\n\n - Fixed SiS IOAPIC\n\n - IRQ balancing has been fixed for SMP\n\n - Updates to ext3\n\n - The previous ptrace fix has been redone to work better\n\n - Bugs with compiling kernels using xconfig have been\n fixed\n\n - Problems with ipsec have been corrected\n\n - XFS ACLs are now present\n\n - gdb not working on XFS root filesystems has been fixed\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\nUpdated kernels will be available shortly for other supported\nplatforms and architectures.\n\nFor full instructions on how to properly upgrade your kernel, please\nreview http://www.mandrakesecure.net/en/docs/magic.php.\n\nUpdate :\n\nThe kernels provided in MDKSA-2003:066-1 (2.4.21-0.24mdk) had a\nproblem where all files created on any filesystem other than XFS, and\nusing any kernel other than kernel-secure, would be created with mode\n0666, or world writeable. The 0.24mdk kernels have been removed from\nthe mirrors and users are encouraged to upgrade and remove those\nkernels from their systems to prevent accidentally booting into them.\n\nThat issue has been addressed and fixed with these new kernels.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=105664924024009&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=105664924024009&w=2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-0.25mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-secure-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-smp-2.4.21.0.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-source-2.4.21-0.25mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:59", "references": ["http://www.debian.org/security/2003/dsa-336"], "pluginID": "15173", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CAN-2002-1380: Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.\n - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall)\n\n - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets\n\n - CAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel images for the i386 architecture. Other architectures and kernel versions will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-336-1 : linux-kernel-2.2.20 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2002-1380"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-image-2.2.20-i386", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-source-2.2.20"], "id": "DEBIAN_DSA-336.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15173", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-336. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15173);\n script_version(\"1.27\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2002-1380\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(4259, 6420, 6535, 7112, 7600, 7601, 7791, 7793, 7797);\n script_xref(name:\"DSA\", value:\"336\");\n\n script_name(english:\"Debian DSA-336-1 : linux-kernel-2.2.20 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CAN-2002-1380: Linux kernel 2.2.x allows local users to\n cause a denial of service (crash) by using the mmap()\n function with a PROT_READ parameter to access\n non-readable memory pages through the /proc/pid/mem\n interface.\n - CVE-2002-0429: The iBCS routines in\n arch/i386/kernel/traps.c for Linux kernels 2.4.18 and\n earlier on x86 systems allow local users to kill\n arbitrary processes via a binary compatibility interface\n (lcall)\n\n - CAN-2003-0001: Multiple ethernet Network Interface Card\n (NIC) device drivers do not pad frames with null bytes,\n which allows remote attackers to obtain information from\n previous packets or kernel memory by using malformed\n packets\n\n - CAN-2003-0127: The kernel module loader allows local\n users to gain root privileges by using ptrace to attach\n to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux\n 2.4, and the Netfilter IP conntrack module, allows\n remote attackers to cause a denial of service (CPU\n consumption) via packets with forged source addresses\n that cause a large number of hash table collisions\n related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel\n 2.4.20 and earlier does not properly restrict\n privileges, which allows local users to gain read or\n write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the\n Linux kernel 2.4 allows attackers to cause a denial of\n service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling\n in the Linux kernel 2.4 allows remote attackers to cause\n a denial of service (CPU consumption) via certain\n packets that cause a large number of hash table\n collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel\nimages for the i386 architecture. Other architectures and kernel\nversions will be covered by separate advisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-336\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.2.20 version\n2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\n\nNOTE: These kernels are not binary-compatible with the previous\nversion. Any loadable modules will need to be recompiled in order to\nwork with the new kernel.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-2.2.20-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.2.20\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.2.20\", reference:\"2.2.20-5woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.2.20\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.2.20-compact\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.2.20-idepci\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.2.20\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.2.20-compact\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.2.20-idepci\", reference:\"2.2.20-5woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.2.20\", reference:\"2.2.20-5woody2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:33:41", "references": ["http://www.debian.org/security/2003/dsa-312"], "pluginID": "15149", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\nThis advisory covers only the powerpc architecture. Other architectures will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-312-1 : kernel-patch-2.4.18-powerpc - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2018-07-20T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-patch-2.4.18-powerpc"], "id": "DEBIAN_DSA-312.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15149", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-312. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15149);\n script_version(\"1.24\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(6535, 7112, 7600, 7601, 7791, 7793, 7797);\n script_xref(name:\"DSA\", value:\"312\");\n\n script_name(english:\"Debian DSA-312-1 : kernel-patch-2.4.18-powerpc - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux\nkernels 2.4.18 and earlier on x86 systems allow local users to kill\narbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel memory\nby using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4\nallows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to\nmodify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions.\n\nThis advisory covers only the powerpc architecture. Other\narchitectures will be covered by separate advisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-312\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in version 2.4.18-1woody1.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-patch-2.4.18-powerpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-newpmac\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-powerpc\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-powerpc-smp\", reference:\"2.4.18-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.18-powerpc\", reference:\"2.4.18-1woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:40:53", "references": ["http://www.debian.org/security/2003/dsa-332"], "pluginID": "15169", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall)\n - CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets\n\n - CAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and corrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-332-1 : linux-kernel-2.4.17 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-mips", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-source-2.4.17"], "id": "DEBIAN_DSA-332.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15169", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-332. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15169);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_bugtraq_id(4259, 6535, 7112, 7600, 7601, 7791, 7793, 7797);\n script_xref(name:\"DSA\", value:\"332\");\n\n script_name(english:\"Debian DSA-332-1 : linux-kernel-2.4.17 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\n - CVE-2002-0429: The iBCS routines in\n arch/i386/kernel/traps.c for Linux kernels 2.4.18 and\n earlier on x86 systems allow local users to kill\n arbitrary processes via a binary compatibility interface\n (lcall)\n - CAN-2003-0001: Multiple ethernet Network Interface Card\n (NIC) device drivers do not pad frames with null bytes,\n which allows remote attackers to obtain information from\n previous packets or kernel memory by using malformed\n packets\n\n - CAN-2003-0127: The kernel module loader allows local\n users to gain root privileges by using ptrace to attach\n to a child process that is spawned by the kernel\n\n - CAN-2003-0244: The route cache implementation in Linux\n 2.4, and the Netfilter IP conntrack module, allows\n remote attackers to cause a denial of service (CPU\n consumption) via packets with forged source addresses\n that cause a large number of hash table collisions\n related to the PREROUTING chain\n\n - CAN-2003-0246: The ioperm system call in Linux kernel\n 2.4.20 and earlier does not properly restrict\n privileges, which allows local users to gain read or\n write access to certain I/O ports.\n\n - CAN-2003-0247: vulnerability in the TTY layer of the\n Linux kernel 2.4 allows attackers to cause a denial of\n service ('kernel oops')\n\n - CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CAN-2003-0364: The TCP/IP fragment reassembly handling\n in the Linux kernel 2.4 allows remote attackers to cause\n a denial of service (CPU consumption) via certain\n packets that cause a large number of hash table\n collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and\ncorrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate\nadvisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-332\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody), these problems have been fixed in\nkernel-source-2.4.17 version 2.4.17-1woody1 and\nkernel-patch-2.4.17-mips version 2.4.17-0.020226.2.woody2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.17\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.17\", reference:\"2.4.17-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r3k-kn02\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r4k-ip22\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r4k-kn04\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r5k-ip22\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-mips\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.17\", reference:\"2.4.17-1woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mips-tools\", reference:\"2.4.17-0.020226.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mkcramfs\", reference:\"2.4.17-1woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:08:13", "references": ["http://marc.info/?l=bugtraq&m=105664924024009&w=2"], "pluginID": "14057", "description": "Multiple vulnerabilities were discovered and fixed in the Linux kernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which allows remote attackers to obtain information from previous packets or kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module allows remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel allows attackers to cause a kernel oops resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to modify CPU state registers via a malformed address.\n\n - CVE-2003-0462: A file read race existed in the execve() system call.\n\nKernels for 9.1/x86 are also available (see MDKSA-2003:066).\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\n\nFor full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php.", "edition": 5, "reporter": "Tenable", "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2003:074)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0476", "CVE-2003-0244", "CVE-2003-0462"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:kernel-2.4.19.35mdk", "cpe:/o:mandrakesoft:mandrake_linux:8.2", "p-cpe:/a:mandriva:linux:kernel-secure-2.4.19.35mdk", "p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.19.35mdk", "cpe:/o:mandrakesoft:mandrake_linux:9.0", "p-cpe:/a:mandriva:linux:kernel-source", "p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.19.35mdk", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-smp-2.4.19.35mdk"], "id": "MANDRAKE_MDKSA-2003-074.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14057", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2003:074. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14057);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/07/19 20:59:12\");\n\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0462\", \"CVE-2003-0476\");\n script_xref(name:\"MDKSA\", value:\"2003:074\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2003:074)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and fixed in the Linux\nkernel.\n\n - CVE-2003-0001: Multiple ethernet network card drivers do\n not pad frames with null bytes which allows remote\n attackers to obtain information from previous packets or\n kernel memory by using special malformed packets.\n\n - CVE-2003-0244: The route cache implementation in the 2.4\n kernel and the Netfilter IP conntrack module allows\n remote attackers to cause a Denial of Service (DoS) via\n CPU consumption due to packets with forged source\n addresses that cause a large number of hash table\n collisions related to the PREROUTING chain.\n\n - CVE-2003-0246: The ioperm implementation in 2.4.20 and\n earlier kernels does not properly restrict privileges,\n which allows local users to gain read or write access to\n certain I/O ports.\n\n - CVE-2003-0247: A vulnerability in the TTY layer of the\n 2.4 kernel allows attackers to cause a kernel oops\n resulting in a DoS.\n\n - CVE-2003-0248: The mxcsr code in the 2.4 kernel allows\n attackers to modify CPU state registers via a malformed\n address.\n\n - CVE-2003-0462: A file read race existed in the execve()\n system call.\n\nKernels for 9.1/x86 are also available (see MDKSA-2003:066).\n\nMandrakeSoft encourages all users to upgrade to these new kernels.\n\nFor full instructions on how to properly upgrade your kernel, please\nreview http://www.mandrakesecure.net/en/docs/magic.php.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=105664924024009&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=105664924024009&w=2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-BOOT-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.19.35mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-doc-2.4.19-35mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-secure-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-smp-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"kernel-source-2.4.19-35mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-doc-2.4.19-35mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-secure-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-smp-2.4.19.35mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-source-2.4.19-35mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:36:07", "references": ["http://www.debian.org/security/2003/dsa-311"], "pluginID": "15148", "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other architectures will be covered by separate advisories.", "edition": 6, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-311-1 : linux-kernel-2.4.18 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-311.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15148", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-311. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15148);\n script_version(\"1.23\");\n script_cvs_date(\"Date: 2018/07/20 2:17:10\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_xref(name:\"DSA\", value:\"311\");\n\n script_name(english:\"Debian DSA-311-1 : linux-kernel-2.4.18 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux\nkernels 2.4.18 and earlier on x86 systems allow local users to kill\narbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel memory\nby using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4\nallows attackers to cause a denial of service ('kernel oops').\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to\nmodify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other\narchitectures will be covered by separate advisories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-311\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-9,\nkernel-image-2.4.18-1-i386 version 2.4.18-8, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody1.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when\nthe 'bf24' option is selected (for a 2.4.x kernel), you should install\nthe kernel-image-2.4.18-bf2.4 package. If you installed a different\nkernel-image package after installation, you should install the\ncorresponding 2.4.18-1 kernel. You may use the table below as a guide.\n\n| If 'uname -r' shows: | Install this package: | 2.4.18-bf2.4 |\nkernel-image-2.4.18-bf2.4 | 2.4.18-386 | kernel-image-2.4.18-1-386 |\n2.4.18-586tsc | kernel-image-2.4.18-1-586tsc | 2.4.18-686 |\nkernel-image-2.4.18-1-686 | 2.4.18-686-smp |\nkernel-image-2.4.18-1-686-smp | 2.4.18-k6 | kernel-image-2.4.18-1-k6 |\n2.4.18-k7 | kernel-image-2.4.18-1-k7\n\nNOTE: that this kernel is not binary compatible with the previous\nversion. For this reason, the kernel has a different version number\nand will not be installed automatically as part of the normal upgrade\nprocess. Any custom modules will need to be rebuilt in order to work\nwith the new kernel. New PCMCIA modules are provided for all of the\nabove kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully and\nfollow the instructions given during the kernel upgrade process.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.18\", reference:\"2.4.18-9\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-386\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-586tsc\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-686\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-686-smp\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-k6\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-k7\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-bf2.4\", reference:\"2.4.18-5woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-386\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-586tsc\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-686\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-686-smp\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-k6\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-k7\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-bf2.4\", reference:\"2.4.18-5woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-386\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-686\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-k6\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-k7\", reference:\"2.4.18-8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.18\", reference:\"2.4.18-9\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"pcmcia-modules-2.4.18-bf2.4\", reference:\"3.1.33-6woody1k5woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:52:39", "references": ["http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt", "http://isec.pl/vulnerabilities/isec-0013-mremap.txt", "http://www.debian.org/security/2004/dsa-442"], "pluginID": "15279", "description": "Several security related problems have been fixed in the Linux kernel 2.4.17 used for the S/390 architecture, mostly by backporting fixes from 2.4.18 and incorporating recent security fixes. The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project :\n\n - CVE-2002-0429 :\n The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\n - CAN-2003-0001 :\n\n Multiple ethernet network interface card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.\n\n - CAN-2003-0244 :\n\n The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n - CAN-2003-0246 :\n\n The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n - CAN-2003-0247 :\n\n A vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ('kernel oops').\n\n - CAN-2003-0248 :\n\n The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n - CAN-2003-0364 :\n\n The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\n - CAN-2003-0961 :\n\n An integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23.\n\n - CAN-2003-0985 :\n\n Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug.\n Fixed upstream in Linux 2.4.24.\n\n - CAN-2004-0077 :\n\n Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.", "edition": 7, "reporter": "Tenable", "published": "2004-09-29T00:00:00", "title": "Debian DSA-442-1 : linux-kernel-2.4.17-s390 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0961", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0985", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2004-0077"], "modified": "2018-07-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-s390", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-s390"], "id": "DEBIAN_DSA-442.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15279", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-442. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15279);\n script_version(\"1.32\");\n script_cvs_date(\"Date: 2018/07/20 2:17:11\");\n\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\", \"CVE-2003-0961\", \"CVE-2003-0985\", \"CVE-2004-0077\");\n script_bugtraq_id(4259, 6535, 7600, 7601, 7791, 7793, 7797, 9138, 9356, 9686);\n script_xref(name:\"CERT\", value:\"981222\");\n script_xref(name:\"DSA\", value:\"442\");\n\n script_name(english:\"Debian DSA-442-1 : linux-kernel-2.4.17-s390 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security related problems have been fixed in the Linux kernel\n2.4.17 used for the S/390 architecture, mostly by backporting fixes\nfrom 2.4.18 and incorporating recent security fixes. The corrections\nare listed below with the identification from the Common\nVulnerabilities and Exposures (CVE) project :\n\n - CVE-2002-0429 :\n The iBCS routines in arch/i386/kernel/traps.c for Linux\n kernels 2.4.18 and earlier on x86 systems allow local\n users to kill arbitrary processes via a binary\n compatibility interface (lcall).\n\n - CAN-2003-0001 :\n\n Multiple ethernet network interface card (NIC) device\n drivers do not pad frames with null bytes, which allows\n remote attackers to obtain information from previous\n packets or kernel memory by using malformed packets, as\n demonstrated by Etherleak.\n\n - CAN-2003-0244 :\n\n The route cache implementation in Linux 2.4, and the\n Netfilter IP conntrack module, allows remote attackers\n to cause a denial of service (CPU consumption) via\n packets with forged source addresses that cause a large\n number of hash table collisions related to the\n PREROUTING chain.\n\n - CAN-2003-0246 :\n\n The ioperm system call in Linux kernel 2.4.20 and\n earlier does not properly restrict privileges, which\n allows local users to gain read or write access to\n certain I/O ports.\n\n - CAN-2003-0247 :\n\n A vulnerability in the TTY layer of the Linux kernel 2.4\n allows attackers to cause a denial of service ('kernel\n oops').\n\n - CAN-2003-0248 :\n\n The mxcsr code in Linux kernel 2.4 allows attackers to\n modify CPU state registers via a malformed address.\n\n - CAN-2003-0364 :\n\n The TCP/IP fragment reassembly handling in the Linux\n kernel 2.4 allows remote attackers to cause a denial of\n service (CPU consumption) via certain packets that cause\n a large number of hash table collisions.\n\n - CAN-2003-0961 :\n\n An integer overflow in brk() system call (do_brk()\n function) for Linux allows a local attacker to gain root\n privileges. Fixed upstream in Linux 2.4.23.\n\n - CAN-2003-0985 :\n\n Paul Starzetz discovered a flaw in bounds checking in\n mremap() in the Linux kernel (present in version 2.4.x\n and 2.6.x) which may allow a local attacker to gain root\n privileges. Version 2.2 is not affected by this bug.\n Fixed upstream in Linux 2.4.24.\n\n - CAN-2004-0077 :\n\n Paul Starzetz and Wojciech Purczynski of isec.pl\n discovered a critical security vulnerability in the\n memory management code of Linux inside the mremap(2)\n system call. Due to missing function return value check\n of internal functions a local attacker can gain root\n privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://isec.pl/vulnerabilities/isec-0013-mremap.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-442\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the Linux kernel packages immediately.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.17-2.woody.3 of s390 images and in version\n0.0.20020816-0.woody.2 of the patch packages.\n\n Vulnerability matrix for CAN-2004-0077\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-patch-2.4.17-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17\", reference:\"2.4.17-2.woody.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-s390\", reference:\"2.4.17-2.woody.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-s390\", reference:\"0.0.20020816-0.woody.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:07", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n________________________________________________________________________\r\n\r\n Mandrake Linux Security Update Advisory\r\n________________________________________________________________________\r\n\r\nPackage name: kernel\r\nAdvisory ID: MDKSA-2003:066\r\nDate: June 11th, 2003\r\n\r\nAffected versions: 9.1\r\n________________________________________________________________________\r\n\r\nProblem Description:\r\n\r\n Multiple vulnerabilities were discovered and fixed in the Linux kernel.\r\n \r\n * CAN-2003-0001: Multiple ethernet network card drivers do not pad\r\n frames with null bytes which allows remote attackers to obtain\r\n information from previous packets or kernel memory by using\r\n special malformed packets.\r\n \r\n * CAN-2003-0244: The route cache implementation in the 2.4 kernel and\r\n the Netfilter IP conntrack module allows remote attackers to cause a\r\n Denial of Service (DoS) via CPU consumption due to packets with\r\n forged source addresses that cause a large number of hash table\r\n collisions related to the PREROUTING chain.\r\n \r\n * CAN-2003-0246: The ioperm implementation in 2.4.20 and earlier\r\n kernels does not properly restrict privileges, which allows local\r\n users to gain read or write access to certain I/O ports.\r\n \r\n * CAN-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel\r\n allows attackers to cause a kernel oops resulting in a DoS.\r\n \r\n * CAN-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to\r\n modify CPU state registers via a malformed address.\r\n \r\n As well, a number of bug fixes were made in the 9.1 kernel including:\r\n \r\n * Support for more machines that did not work with APIC\r\n * Audigy2 support\r\n * New/updated modules: prims25, adiusbadsl, thinkpad, ieee1394,\r\n orinoco, via-rhine, \r\n * Fixed SiS IOAPIC\r\n * IRQ balancing has been fixed for SMP\r\n * Updates to ext3\r\n * The previous ptrace fix has been redone to work better\r\n \r\n MandrakeSoft encourages all users to upgrade to these new kernels.\r\n Updated kernels will be available shortly for other supported platforms\r\n and architectures.\r\n________________________________________________________________________\r\n\r\nReferences:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248\r\n________________________________________________________________________\r\n\r\nUpdated Packages:\r\n \r\n Mandrake Linux 9.1:\r\n bca5bada0476e53911f157e9ec5ca504 9.1/RPMS/kernel-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 57ee4b2b038598cbd020f1e0752a61dd 9.1/RPMS/kernel-BOOT-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n b14c3291fab83bd1894c8b5217311dfa 9.1/RPMS/kernel-doc-2.4.21-0.18mdk.i586.rpm\r\n ed766922171751e1f05c6ce590af9755 9.1/RPMS/kernel-enterprise-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 64c554564115626ff86cf3fd5e40ece1 9.1/RPMS/kernel-secure-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 944017f71e79714767d94517cd41110d 9.1/RPMS/kernel-smp-2.4.21.0.18mdk-1-1mdk.i586.rpm\r\n 9621bebecb94bc6031ffaa073c4967f1 9.1/RPMS/kernel-source-2.4.21-0.18mdk.i586.rpm\r\n 9d0c651808a2874256489f3a90ad6fdb 9.1/SRPMS/kernel-2.4.21.0.18mdk-1-1mdk.src.rpm\r\n________________________________________________________________________\r\n\r\nBug IDs fixed (see https://qa.mandrakesoft.com for more information):\r\n________________________________________________________________________\r\n\r\nTo upgrade automatically, use MandrakeUpdate. The verification of md5\r\nchecksums and GPG signatures is performed automatically for you.\r\n\r\nIf you want to upgrade manually, download the updated package from one\r\nof our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of\r\nFTP mirrors can be obtained from:\r\n\r\n http://www.mandrakesecure.net/en/ftp.php\r\n\r\nPlease verify the update prior to upgrading to ensure the integrity of\r\nthe downloaded package. You can do this with the command:\r\n\r\n rpm --checksig <filename>\r\n\r\nAll packages are signed by MandrakeSoft for security. You can obtain\r\nthe GPG public key of the Mandrake Linux Security Team from:\r\n\r\n https://www.mandrakesecure.net/RPM-GPG-KEYS\r\n\r\nPlease be aware that sometimes it takes the mirrors a few hours to\r\nupdate.\r\n\r\nYou can view other update advisories for Mandrake Linux at:\r\n\r\n http://www.mandrakesecure.net/en/advisories/\r\n\r\nMandrakeSoft has several security-related mailing list services that\r\nanyone can subscribe to. Information on these lists can be obtained by\r\nvisiting:\r\n\r\n http://www.mandrakesecure.net/en/mlist.php\r\n\r\nIf you want to report vulnerabilities, please contact\r\n\r\n security_linux-mandrake.com\r\n\r\nType Bits/KeyID Date User ID\r\npub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team\r\n <security linux-mandrake.com>\r\n\r\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\nmQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday\r\nL4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7\r\nWKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo\r\nP0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl\r\nhynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx\r\nPFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg\r\n2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs\r\niyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD\r\nLLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu\r\nZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t\r\nPohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy\r\n/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA\r\nBgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP\r\nWdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w\r\nPk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA\r\nBgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H\r\n8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K\r\n+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy\r\nYWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j\r\nb20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+\r\nAJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E\r\nOWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ\r\n9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR\r\nxBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z\r\n269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN\r\n6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ\r\njTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo\r\n0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ\r\nEJGXlA==\r\n=yGlX\r\n- -----END PGP PUBLIC KEY BLOCK-----\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\niD8DBQE+56V+mqjQ0CJFipgRAu0bAJsElc3QmEl4WBRhUO7PNwit3HAjrwCfSClk\r\n972cH4+NoFhTz+l8rQg1o88=\r\n=rOjs\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2003-06-21T00:00:00", "title": "MDKSA-2003:066 - Updated kernel packages fix multiple vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:07", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-21T00:00:00", "id": "SECURITYVULNS:DOC:4715", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:4715", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-03-28T01:01:23", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i686", "packageFilename": "kernel-2.4.9-e.25.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "athlon", "packageFilename": "kernel-smp-2.4.9-e.25.athlon.rpm", "packageName": "kernel-smp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i386", "packageFilename": "kernel-doc-2.4.9-e.25.i386.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i686", "packageFilename": "kernel-summit-2.4.9-e.25.i686.rpm", "packageName": "kernel-summit", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i386", "packageFilename": "kernel-headers-2.4.9-e.25.i386.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i386", "packageFilename": "kernel-source-2.4.9-e.25.i386.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i686", "packageFilename": "kernel-enterprise-2.4.9-e.25.i686.rpm", "packageName": "kernel-enterprise", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "athlon", "packageFilename": "kernel-2.4.9-e.25.athlon.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i386", "packageFilename": "kernel-BOOT-2.4.9-e.25.i386.rpm", "packageName": "kernel-BOOT", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i686", "packageFilename": "kernel-smp-2.4.9-e.25.i686.rpm", "packageName": "kernel-smp", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "packageVersion": "2.4.9-e.25", "arch": "i686", "packageFilename": "kernel-debug-2.4.9-e.25.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}], "description": "The Linux kernel handles the basic functions of the operating system. \n\nSeveral security issues have been found that affect the Linux kernel:\n\nAl Viro found a security issue in the tty layer whereby any user could\ncause a kernel oops. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2003-0247 to this issue.\n\nAndrea Arcangeli found an issue in the low-level mxcsr code in which a\nmalformed address would leave garbage in cpu state registers. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CAN-2003-0248 to this issue.\n\nThe TCP/IP fragment reassembly handling allows remote attackers to cause a\ndenial of service (CPU consumption) via packets that cause a large number\nof hash table collisions, a vulnerability similar to CAN-2003-0244. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2003-0364 to this issue.\n\nThese kernels also contain updated fixes for the ioperm security issue, as\nwell as fixes for a number of bugs.\n\nIt is recommended that users upgrade to these erratum kernels, which\ncontain patches to correct these vulnerabilities.", "reporter": "RedHat", "published": "2003-06-19T04:00:00", "type": "redhat", "title": "(RHSA-2003:195) kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2001-1572", "CVE-2003-0244", "CVE-2003-0247", "CVE-2003-0248", "CVE-2003-0364"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-14T19:27:11", "id": "RHSA-2003:195", "href": "https://access.redhat.com/errata/RHSA-2003:195", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2016-09-02T18:35:30", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-image-2.2.20-i386", "arch": "src", "packageFilename": "kernel-image-2.2.20-i386_2.2.20-5woody3.tar.gz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-image-2.2.20-idepci", "arch": "i686", "packageFilename": "kernel-image-2.2.20-idepci_2.2.20-5woody3_i386.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody2", "packageName": "kernel-source-2.2.20", "arch": "all", "packageFilename": "kernel-source-2.2.20_2.2.20-5woody2_all.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-headers-2.2.20", "arch": "i686", "packageFilename": "kernel-headers-2.2.20_2.2.20-5woody3_i386.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody2.diff", "packageName": "kernel-source-2.2.20", "arch": "src", "packageFilename": "kernel-source-2.2.20_2.2.20-5woody2.diff.gz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-image-2.2.20", "arch": "i686", "packageFilename": "kernel-image-2.2.20_2.2.20-5woody3_i386.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-image-2.2.20-i386", "arch": "src", "packageFilename": "kernel-image-2.2.20-i386_2.2.20-5woody3.dsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody2", "packageName": "kernel-doc-2.2.20", "arch": "all", "packageFilename": "kernel-doc-2.2.20_2.2.20-5woody2_all.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20.orig", "packageName": "kernel-source-2.2.20", "arch": "src", "packageFilename": "kernel-source-2.2.20_2.2.20.orig.tar.gz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-image-2.2.20-compact", "arch": "i686", "packageFilename": "kernel-image-2.2.20-compact_2.2.20-5woody3_i386.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-headers-2.2.20-compact", "arch": "i686", "packageFilename": "kernel-headers-2.2.20-compact_2.2.20-5woody3_i386.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody2", "packageName": "kernel-source-2.2.20", "arch": "src", "packageFilename": "kernel-source-2.2.20_2.2.20-5woody2.dsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.2.20-5woody3", "packageName": "kernel-headers-2.2.20-idepci", "arch": "i686", "packageFilename": "kernel-headers-2.2.20-idepci_2.2.20-5woody3_i386.deb", "operator": "lt"}], "edition": 1, "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\n * [CAN-2002-1380](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1380>): Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.\n * [CVE-2002-0429](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0429>): The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall)\n * [CAN-2003-0001](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001>): Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets\n * [CAN-2003-0127](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0127>): The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel\n * [CAN-2003-0244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244>): The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain\n * [CAN-2003-0246](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246>): The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n * [CAN-2003-0247](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247>): vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\")\n * [CAN-2003-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248>): The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n * [CAN-2003-0364](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0364>): The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel images for the i386 architecture. Other architectures and kernel versions will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these problems have been fixed in kernel-source-2.2.20 version 2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.\n\nFor the unstable distribution (sid) these problems are fixed in kernel-source-2.2.25 and kernel-image-2.2.25-i386 version 2.2.25-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade in order to replace the running kernel. Remember to read carefully and follow the instructions given during the kernel upgrade process.\n\nNOTE: These kernels are not binary-compatible with the previous version. Any loadable modules will need to be recompiled in order to work with the new kernel.", "reporter": "Debian", "published": "2003-06-29T00:00:00", "title": "linux-kernel-2.2.20 -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2002-1380"], "modified": "2003-06-29T00:00:00", "href": "http://www.debian.org/security/dsa-336", "id": "DSA-336", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:28:21", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-patch-2.4.18-powerpc_2.4.18-1woody1_all.deb", "arch": "all", "packageName": "kernel-patch-2.4.18-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-patch-2.4.18-powerpc_2.4.18-1woody1.dsc", "arch": "src", "packageName": "kernel-patch-2.4.18-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-image-2.4.18-powerpc-smp_2.4.18-1woody1_powerpc.deb", "arch": "ppc", "packageName": "kernel-image-2.4.18-powerpc-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-image-2.4.18-newpmac_2.4.18-1woody1_powerpc.deb", "arch": "ppc", "packageName": "kernel-image-2.4.18-newpmac", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-image-2.4.18-powerpc_2.4.18-1woody1_powerpc.deb", "arch": "ppc", "packageName": "kernel-image-2.4.18-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-patch-2.4.18-powerpc_2.4.18-1woody1.tar.gz", "arch": "src", "packageName": "kernel-patch-2.4.18-powerpc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-1woody1", "packageFilename": "kernel-headers-2.4.18_2.4.18-1woody1_powerpc.deb", "arch": "ppc", "packageName": "kernel-headers-2.4.18", "operator": "lt"}], "edition": 1, "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\").\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\nThis advisory covers only the powerpc architecture. Other architectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these problems have been fixed in version 2.4.18-1woody1.\n\nFor the unstable distribution (sid) these problems are fixed in version 2.4.20-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade in order to replace the running kernel. Remember to read carefully and follow the instructions given during the kernel upgrade process.", "reporter": "Debian", "published": "2003-06-09T00:00:00", "type": "debian", "title": "kernel-patch-2.4.18-powerpc -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-09T00:00:00", "id": "DSA-312", "href": "http://www.debian.org/security/dsa-312", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:29:54", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mipsel", "packageFilename": "kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody2_mipsel.deb", "packageName": "kernel-image-2.4.17-r3k-kn02", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mips", "packageFilename": "kernel-headers-2.4.17_2.4.17-0.020226.2.woody2_mips.deb", "packageName": "kernel-headers-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "hppa", "packageFilename": "mkcramfs_2.4.17-1woody1_hppa.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "src", "packageFilename": "kernel-source-2.4.17_2.4.17-1woody1.dsc", "packageName": "kernel-source-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1.diff", "arch": "src", "packageFilename": "kernel-source-2.4.17_2.4.17-1woody1.diff.gz", "packageName": "kernel-source-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "s390x", "packageFilename": "mkcramfs_2.4.17-1woody1_s390.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "m68k", "packageFilename": "mkcramfs_2.4.17-1woody1_m68k.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "alpha", "packageFilename": "mkcramfs_2.4.17-1woody1_alpha.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "src", "packageFilename": "kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody2.dsc", "packageName": "kernel-patch-2.4.17-mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "mipsel", "packageFilename": "mkcramfs_2.4.17-1woody1_mipsel.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mipsel", "packageFilename": "kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody2_mipsel.deb", "packageName": "kernel-image-2.4.17-r4k-kn04", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mips", "packageFilename": "kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody2_mips.deb", "packageName": "kernel-image-2.4.17-r5k-ip22", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mipsel", "packageFilename": "kernel-headers-2.4.17_2.4.17-0.020226.2.woody2_mipsel.deb", "packageName": "kernel-headers-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mipsel", "packageFilename": "mips-tools_2.4.17-0.020226.2.woody2_mipsel.deb", "packageName": "mips-tools", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "all", "packageFilename": "kernel-source-2.4.17_2.4.17-1woody1_all.deb", "packageName": "kernel-source-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17.orig", "arch": "src", "packageFilename": "kernel-source-2.4.17_2.4.17.orig.tar.gz", "packageName": "kernel-source-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "mips", "packageFilename": "mkcramfs_2.4.17-1woody1_mips.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "ppc", "packageFilename": "mkcramfs_2.4.17-1woody1_powerpc.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "arm", "packageFilename": "mkcramfs_2.4.17-1woody1_arm.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "all", "packageFilename": "kernel-doc-2.4.17_2.4.17-1woody1_all.deb", "packageName": "kernel-doc-2.4.17", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "src", "packageFilename": "kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody2.tar.gz", "packageName": "kernel-patch-2.4.17-mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "all", "packageFilename": "kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody2_all.deb", "packageName": "kernel-patch-2.4.17-mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "i686", "packageFilename": "mkcramfs_2.4.17-1woody1_i386.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "ia64", "packageFilename": "mkcramfs_2.4.17-1woody1_ia64.deb", "packageName": "mkcramfs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-0.020226.2.woody2", "arch": "mips", "packageFilename": "kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody2_mips.deb", "packageName": "kernel-image-2.4.17-r4k-ip22", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-1woody1", "arch": "sparc", "packageFilename": "mkcramfs_2.4.17-1woody1_sparc.deb", "packageName": "mkcramfs", "operator": "lt"}], "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\n * [CVE-2002-0429](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0429>): The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall) \n * [CAN-2003-0001](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001>): Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets \n * [CAN-2003-0127](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0127>): The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel \n * [CAN-2003-0244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244>): The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain \n * [CAN-2003-0246](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246>): The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. \n * [CAN-2003-0247](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247>): vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\") \n * [CAN-2003-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248>): The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. \n * [CAN-2003-0364](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0364>): The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions \n\nThis advisory provides corrected source code for Linux 2.4.17, and corrected binary kernel images for the mips and mipsel architectures. Other versions and architectures will be covered by separate advisories.\n\nFor the stable distribution (woody), these problems have been fixed in kernel-source-2.4.17 version 2.4.17-1woody1 and kernel-patch-2.4.17-mips version 2.4.17-0.020226.2.woody2.\n\nFor the unstable distribution (sid) these problems are fixed in kernel-source-2.4.20 version 2.4.20-8.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade in order to replace the running kernel. Remember to read carefully and follow the instructions given during the kernel upgrade process.", "edition": 1, "reporter": "Debian", "published": "2003-06-27T00:00:00", "title": "linux-kernel-2.4.17 -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-27T00:00:00", "id": "DSA-332", "href": "http://www.debian.org/security/dsa-332", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:32:39", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-pcmcia-modules-2.4.18-1-386_2.4.18-8_i386.deb", "packageName": "kernel-pcmcia-modules-2.4.18-1-386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-9", "arch": "src", "packageFilename": "kernel-source-2.4.18_2.4.18-9.dsc", "packageName": "kernel-source-2.4.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-5woody1", "arch": "src", "packageFilename": "kernel-image-2.4.18-i386bf_2.4.18-5woody1.dsc", "packageName": "kernel-image-2.4.18-i386bf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-5woody1", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-bf2.4_2.4.18-5woody1_i386.deb", "packageName": "kernel-headers-2.4.18-bf2.4", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1-386_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1-386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "3.1.33-6woody1k5woody1", "arch": "i686", "packageFilename": "pcmcia-modules-2.4.18-bf2.4_3.1.33-6woody1k5woody1_i386.deb", "packageName": "pcmcia-modules-2.4.18-bf2.4", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-8_i386.deb", "packageName": "kernel-pcmcia-modules-2.4.18-1-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "src", "packageFilename": "kernel-image-2.4.18-1-i386_2.4.18-8.dsc", "packageName": "kernel-image-2.4.18-1-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-pcmcia-modules-2.4.18-1-686_2.4.18-8_i386.deb", "packageName": "kernel-pcmcia-modules-2.4.18-1-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-5woody1", "arch": "i686", "packageFilename": "kernel-image-2.4.18-bf2.4_2.4.18-5woody1_i386.deb", "packageName": "kernel-image-2.4.18-bf2.4", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1-686-smp_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1-686-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-image-2.4.18-1-k6_2.4.18-8_i386.deb", "packageName": "kernel-image-2.4.18-1-k6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1-k6_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1-k6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1-586tsc_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1-586tsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-9.diff", "arch": "src", "packageFilename": "kernel-source-2.4.18_2.4.18-9.diff.gz", "packageName": "kernel-source-2.4.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1-686_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-image-2.4.18-1-k7_2.4.18-8_i386.deb", "packageName": "kernel-image-2.4.18-1-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-5woody1", "arch": "src", "packageFilename": "kernel-image-2.4.18-i386bf_2.4.18-5woody1.tar.gz", "packageName": "kernel-image-2.4.18-i386bf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-image-2.4.18-1-586tsc_2.4.18-8_i386.deb", "packageName": "kernel-image-2.4.18-1-586tsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1-k7_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1-k7", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "src", "packageFilename": "kernel-image-2.4.18-1-i386_2.4.18-8.tar.gz", "packageName": "kernel-image-2.4.18-1-i386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-8_i386.deb", "packageName": "kernel-pcmcia-modules-2.4.18-1-586tsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-8_i386.deb", "packageName": "kernel-pcmcia-modules-2.4.18-1-686-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-9", "arch": "all", "packageFilename": "kernel-doc-2.4.18_2.4.18-9_all.deb", "packageName": "kernel-doc-2.4.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-image-2.4.18-1-386_2.4.18-8_i386.deb", "packageName": "kernel-image-2.4.18-1-386", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-8_i386.deb", "packageName": "kernel-pcmcia-modules-2.4.18-1-k6", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-image-2.4.18-1-686_2.4.18-8_i386.deb", "packageName": "kernel-image-2.4.18-1-686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-image-2.4.18-1-686-smp_2.4.18-8_i386.deb", "packageName": "kernel-image-2.4.18-1-686-smp", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-8", "arch": "i686", "packageFilename": "kernel-headers-2.4.18-1_2.4.18-8_i386.deb", "packageName": "kernel-headers-2.4.18-1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18-9", "arch": "all", "packageFilename": "kernel-source-2.4.18_2.4.18-9_all.deb", "packageName": "kernel-source-2.4.18", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.18.orig", "arch": "src", "packageFilename": "kernel-source-2.4.18_2.4.18.orig.tar.gz", "packageName": "kernel-source-2.4.18", "operator": "lt"}], "description": "A number of vulnerabilities have been discovered in the Linux kernel.\n\nCVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\nCAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.\n\nCAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.\n\nCAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\nCAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\nCAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\").\n\nCAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\nCAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other architectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these problems have been fixed in kernel-source-2.4.18 version 2.4.18-9, kernel-image-2.4.18-1-i386 version 2.4.18-8, and kernel-image-2.4.18-i386bf version 2.4.18-5woody1.\n\nFor the unstable distribution (sid) these problems are fixed in the 2.4.20 series kernels based on Debian sources.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when the \"bf24\" option is selected (for a 2.4.x kernel), you should install the kernel-image-2.4.18-bf2.4 package. If you installed a different kernel-image package after installation, you should install the corresponding 2.4.18-1 kernel. You may use the table below as a guide.\n \n \n | If \"uname -r\" shows: | Install this package:\n | 2.4.18-bf2.4 | kernel-image-2.4.18-bf2.4\n | 2.4.18-386 | kernel-image-2.4.18-1-386\n | 2.4.18-586tsc | kernel-image-2.4.18-1-586tsc\n | 2.4.18-686 | kernel-image-2.4.18-1-686\n | 2.4.18-686-smp | kernel-image-2.4.18-1-686-smp\n | 2.4.18-k6 | kernel-image-2.4.18-1-k6\n | 2.4.18-k7 | kernel-image-2.4.18-1-k7\n \n\nNOTE: that this kernel is not binary compatible with the previous version. For this reason, the kernel has a different version number and will not be installed automatically as part of the normal upgrade process. Any custom modules will need to be rebuilt in order to work with the new kernel. New PCMCIA modules are provided for all of the above kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade in order to replace the running kernel. Remember to read carefully and follow the instructions given during the kernel upgrade process.", "edition": 1, "reporter": "Debian", "published": "2003-06-08T00:00:00", "title": "linux-kernel-2.4.18 -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2003-06-08T00:00:00", "id": "DSA-311", "href": "http://www.debian.org/security/dsa-311", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:19:42", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.0.20020816-0.woody.2", "packageName": "kernel-patch-2.4.17-s390", "arch": "all", "packageFilename": "kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2_all.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-2.woody.3", "packageName": "kernel-image-2.4.17-s390", "arch": "src", "packageFilename": "kernel-image-2.4.17-s390_2.4.17-2.woody.3.dsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.0.20020816-0.woody.2", "packageName": "kernel-patch-2.4.17-s390", "arch": "src", "packageFilename": "kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2.dsc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-2.woody.3", "packageName": "kernel-headers-2.4.17", "arch": "s390x", "packageFilename": "kernel-headers-2.4.17_2.4.17-2.woody.3_s390.deb", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.0.20020816.orig", "packageName": "kernel-patch-2.4.17-s390", "arch": "src", "packageFilename": "kernel-patch-2.4.17-s390_0.0.20020816.orig.tar.gz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "0.0.20020816-0.woody.2.diff", "packageName": "kernel-patch-2.4.17-s390", "arch": "src", "packageFilename": "kernel-patch-2.4.17-s390_0.0.20020816-0.woody.2.diff.gz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-2.woody.3", "packageName": "kernel-image-2.4.17-s390", "arch": "src", "packageFilename": "kernel-image-2.4.17-s390_2.4.17-2.woody.3.tar.gz", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.0", "packageVersion": "2.4.17-2.woody.3", "packageName": "kernel-image-2.4.17-s390", "arch": "s390x", "packageFilename": "kernel-image-2.4.17-s390_2.4.17-2.woody.3_s390.deb", "operator": "lt"}], "edition": 1, "description": "Several security related problems have been fixed in the Linux kernel 2.4.17 used for the S/390 architecture, mostly by backporting fixes from 2.4.18 and incorporating recent security fixes. The corrections are listed below with the identification from the Common Vulnerabilities and Exposures (CVE) project:\n\n * [CVE-2002-0429](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0429>): \n\nThe iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).\n\n * [CAN-2003-0001](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001>): \n\nMultiple ethernet network interface card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.\n\n * [CAN-2003-0244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244>): \n\nThe route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.\n\n * [CAN-2003-0246](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246>): \n\nThe ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.\n\n * [CAN-2003-0247](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247>): \n\nA vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\").\n\n * [CAN-2003-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248>): \n\nThe mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.\n\n * [CAN-2003-0364](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0364>): \n\nThe TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.\n\n * [CAN-2003-0961](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961>): \n\nAn integer overflow in brk() system call (do_brk() function) for Linux allows a local attacker to gain root privileges. Fixed upstream in Linux 2.4.23.\n\n * [CAN-2003-0985](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985>): \n\nPaul Starzetz [discovered](<http://isec.pl/vulnerabilities/isec-0013-mremap.txt>) a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. Version 2.2 is not affected by this bug. Fixed upstream in Linux 2.4.24.\n\n * [CAN-2004-0077](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077>): \n\nPaul Starzetz and Wojciech Purczynski of isec.pl [discovered](<http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt>) a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.\n\nFor the stable distribution (woody) these problems have been fixed in version 2.4.17-2.woody.3 of s390 images and in version 0.0.20020816-0.woody.2 of the patch packages.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your Linux kernel packages immediately.\n\n[Vulnerability matrix](<CAN-2004-0077>) for CAN-2004-0077", "reporter": "Debian", "published": "2004-02-19T00:00:00", "title": "linux-kernel-2.4.17-s390 -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0248", "CVE-2003-0961", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0985", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2004-0077"], "modified": "2004-02-19T00:00:00", "href": "http://www.debian.org/security/dsa-442", "id": "DSA-442", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:13", "references": [], "pluginID": "53625", "description": "The remote host is missing an update to kernel-source-2.2.20, kernel-image-2.2.20-i386\nannounced via advisory DSA 336-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20-i386)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53625", "id": "OPENVAS:53625", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_336_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 336-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\nLinux kernels 2.4.18 and earlier on x86 systems allow local users to\nkill arbitrary processes via a a binary compatibility interface\n(lcall)\n\n- - CVE-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel\nmemory by using malformed packets\n\n- - CVE-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel\n\n- - CVE-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain\n\n- - CVE-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\n- - CVE-2003-0247: vulnerability in the TTY layer of the Linux kernel\n2.4 allows attackers to cause a denial of service ('kernel oops')\n\n- - CVE-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\nto modify CPU state registers via a malformed address.\n\n- - CVE-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions\n\nThis advisory provides updated 2.2.20 kernel source, and binary kernel\nimages for the i386 architecture. Other architectures and kernel\nversions will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in kernel-source-2.2.20 version\n2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.2.25 and kernel-image-2.2.25-i386 version 2.2.25-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nNOTE: These kernels are not binary-compatible with the previous\nversion. Any loadable modules will need to be recompiled in order to\nwork with the new kernel.\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.2.20, kernel-image-2.2.20-i386\nannounced via advisory DSA 336-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20336-1\";\n\nif(description)\n{\n script_id(53625);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20-i386)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.2.20\", ver:\"2.2.20-5woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.2.20\", ver:\"2.2.20-5woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.2.20\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.2.20-compact\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.2.20-idepci\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.2.20\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.2.20-compact\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.2.20-idepci\", ver:\"2.2.20-5woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:23", "references": [], "pluginID": "53621", "description": "The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips\nannounced via advisory DSA 332-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "title": "Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53621", "id": "OPENVAS:53621", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_332_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 332-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\nLinux kernels 2.4.18 and earlier on x86 systems allow local users to\nkill arbitrary processes via a a binary compatibility interface\n(lcall)\n\n- - CVE-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel\nmemory by using malformed packets\n\n- - CVE-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel\n\n- - CVE-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain\n\n- - CVE-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\n- - CVE-2003-0247: vulnerability in the TTY layer of the Linux kernel\n2.4 allows attackers to cause a denial of service ('kernel oops')\n\n- - CVE-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\nto modify CPU state registers via a malformed address.\n\n- - CVE-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions\n\nThis advisory provides corrected source code for Linux 2.4.17, and\ncorrected binary kernel images for the mips and mipsel architectures.\nOther versions and architectures will be covered by separate\nadvisories.\n\nFor the stable distribution (woody), these problems have been fixed in\nkernel-source-2.4.17 version 2.4.17-1woody1 and\nkernel-patch-2.4.17-mips version 2.4.17-0.020226.2.woody2.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.4.20 version 2.4.20-8.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.17, kernel-patch-2.4.17-mips\nannounced via advisory DSA 332-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20332-1\";\n\nif(description)\n{\n script_id(53621);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-mips\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r4k-ip22\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r5k-ip22\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r3k-kn02\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r4k-kn04\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mips-tools\", ver:\"2.4.17-0.020226.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.17\", ver:\"2.4.17-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17\", ver:\"2.4.17-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mkcramfs\", ver:\"2.4.17-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:55", "references": [], "pluginID": "53694", "description": "The remote host is missing an update to kernel\nannounced via advisory DSA 311-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 311-1 (kernel)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53694", "id": "OPENVAS:53694", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_311_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 311-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nThis advisory covers only the i386 (Intel IA32) architectures. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-9,\nkernel-image-2.4.18-1-i386 version 2.4.18-8, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody1.\n\nFor the unstable distribution (sid) these problems are fixed in the\n2.4.20 series kernels based on Debian sources.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when\nthe 'bf24' option is selected (for a 2.4.x kernel), you should install\nthe kernel-image-2.4.18-bf2.4 package. If you installed a different\nkernel-image package after installation, you should install the\ncorresponding 2.4.18-1 kernel. You may use the table below as a\nguide.\n\n* If 'uname -r' shows: * Install this package:\n- ------------------------------------------------------\n* 2.4.18-bf2.4 * kernel-image-2.4.18-bf2.4\n* 2.4.18-386 * kernel-image-2.4.18-1-386\n* 2.4.18-586tsc * kernel-image-2.4.18-1-586tsc\n* 2.4.18-686 * kernel-image-2.4.18-1-686\n* 2.4.18-686-smp * kernel-image-2.4.18-1-686-smp\n* 2.4.18-k6 * kernel-image-2.4.18-1-k6\n* 2.4.18-k7 * kernel-image-2.4.18-1-k7\n\nNOTE: that this kernel is not binary compatible with the previous\nversion. For this reason, the kernel has a different version number\nand will not be installed automatically as part of the normal upgrade\nprocess. Any custom modules will need to be rebuilt in order to work\nwith the new kernel. New PCMCIA modules are provided for all of the\nabove kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory DSA 311-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20311-1\";\n\nif(description)\n{\n script_id(53694);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 311-1 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-386\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-586tsc\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k6\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k7\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-386\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-586tsc\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k6\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k7\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-386\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k6\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k7\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-bf2.4\", ver:\"2.4.18-5woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-bf2.4\", ver:\"2.4.18-5woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.18\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.18\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.18-bf2.4\", ver:\"3.1.33-6woody1k5woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:03", "references": [], "pluginID": "53601", "description": "The remote host is missing an update to kernel-patch-2.4.18-powerpc\nannounced via advisory DSA 312-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0127", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53601", "id": "OPENVAS:53601", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_312_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 312-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for\nLinux kernels 2.4.18 and earlier on x86 systems allow local users to\nkill arbitrary processes via a a binary compatibility interface\n(lcall)\n\n- - CVE-2003-0001: Multiple ethernet Network Interface Card (NIC) device\ndrivers do not pad frames with null bytes, which allows remote\nattackers to obtain information from previous packets or kernel\nmemory by using malformed packets\n\n- - CVE-2003-0127: The kernel module loader allows local users to gain\nroot privileges by using ptrace to attach to a child process that is\nspawned by the kernel\n\n- - CVE-2003-0244: The route cache implementation in Linux 2.4, and the\nNetfilter IP conntrack module, allows remote attackers to cause a\ndenial of service (CPU consumption) via packets with forged source\naddresses that cause a large number of hash table collisions related\nto the PREROUTING chain\n\n- - CVE-2003-0246: The ioperm system call in Linux kernel 2.4.20 and\nearlier does not properly restrict privileges, which allows local\nusers to gain read or write access to certain I/O ports.\n\n- - CVE-2003-0247: vulnerability in the TTY layer of the Linux kernel\n2.4 allows attackers to cause a denial of service ('kernel oops')\n\n- - CVE-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers\nto modify CPU state registers via a malformed address.\n\n- - CVE-2003-0364: The TCP/IP fragment reassembly handling in the Linux\nkernel 2.4 allows remote attackers to cause a denial of service (CPU\nconsumption) via certain packets that cause a large number of hash\ntable collisions\n\nThis advisory covers only the powerpc architecture. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the powerpc architecture, these\nproblems have been fixed in version 2.4.18-1woody1.\n\nFor the unstable distribution (sid) these problems are fixed in\nversion 2.4.20-2.\n\nWe recommend that you update your kernel packages.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\";\ntag_summary = \"The remote host is missing an update to kernel-patch-2.4.18-powerpc\nannounced via advisory DSA 312-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20312-1\";\n\nif(description)\n{\n script_id(53601);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0429\", \"CVE-2003-0001\", \"CVE-2003-0127\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.18-powerpc\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-newpmac\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-powerpc\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-powerpc-smp\", ver:\"2.4.18-1woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "references": [], "pluginID": "53142", "description": "The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390\nannounced via advisory DSA 442-1.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0248", "CVE-2003-0961", "CVE-2003-0247", "CVE-2002-0429", "CVE-2003-0985", "CVE-2003-0364", "CVE-2003-0001", "CVE-2003-0246", "CVE-2003-0244", "CVE-2004-0077"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53142", "id": "OPENVAS:53142", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_442_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 442-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several security related problems have been fixed in the Linux kernel\n2.4.17 used for the S/390 architecture, mostly by backporting fixes\nfrom 2.4.18 and incorporating recent security fixes. \n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.17-2.woody.3 of s390 images and in version\n0.0.20020816-0.woody.2 of the patch packages.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your Linux kernel packages immediately.\";\ntag_summary = \"The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390\nannounced via advisory DSA 442-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20442-1\";\n\nif(description)\n{\n script_id(53142);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0244\", \"CVE-2003-0246\", \"CVE-2003-0247\", \"CVE-2003-0248\", \"CVE-2003-0364\", \"CVE-2003-0961\", \"CVE-2003-0985\", \"CVE-2004-0077\", \"CVE-2002-0429\", \"CVE-2002-0429\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-s390\", ver:\"0.0.20020816-0.woody.2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17\", ver:\"2.4.17-2.woody.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-s390\", ver:\"2.4.17-2.woody.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
