ID CVE-2004-0814 Type cve Reporter cve@mitre.org Modified 2017-10-11T01:29:00
Description
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
{"osvdb": [{"lastseen": "2017-04-28T13:20:06", "bulletinFamily": "software", "description": "## Vulnerability Description\nThe Linux kernel's PPP subsystem contains a flaw that may allow a malicious user to crash a remote host. This is due to a race condition in the PPP system -- if an attacker connects via PPP and then issues the command to switch from console to terminal mode and then sends data at precisely the right moment so that it arrives as the line is making the disclipline switch, the condition will be triggered. It is likely that the flaw will cause an operating system lock, resulting in a loss of availability.\n## Solution Description\nUpgrade to version 2.6.9 or higher for 2.6 series kernels, and apply the latest patches for 2.4 series kernels, as these upgrades have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nThe Linux kernel's PPP subsystem contains a flaw that may allow a malicious user to crash a remote host. This is due to a race condition in the PPP system -- if an attacker connects via PPP and then issues the command to switch from console to terminal mode and then sends data at precisely the right moment so that it arrives as the line is making the disclipline switch, the condition will be triggered. It is likely that the flaw will cause an operating system lock, resulting in a loss of availability.\n## References:\nVendor URL: http://www.kernel.org/\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2005-120_RHSA-2005-283_RHSA-2005-284_RHSA-2005-293_RHSA-2005-472.pdf)\n[Secunia Advisory ID:12951](https://secuniaresearch.flexerasoftware.com/advisories/12951/)\n[Secunia Advisory ID:15092](https://secuniaresearch.flexerasoftware.com/advisories/15092/)\n[Secunia Advisory ID:14002](https://secuniaresearch.flexerasoftware.com/advisories/14002/)\n[Secunia Advisory ID:14710](https://secuniaresearch.flexerasoftware.com/advisories/14710/)\n[Related OSVDB ID: 11044](https://vulners.com/osvdb/OSVDB:11044)\nRedHat RHSA: RHSA-2005:293\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_18_kernel.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0212.html\nISS X-Force ID: 17817\n[CVE-2004-0814](https://vulners.com/cve/CVE-2004-0814)\n", "modified": "2004-10-20T17:43:02", "published": "2004-10-20T17:43:02", "id": "OSVDB:11045", "href": "https://vulners.com/osvdb/OSVDB:11045", "title": "Linux Kernel PPP/Terminal Subsystem Denial of Service", "type": "osvdb", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:06", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.kernel.org/\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2005-120_RHSA-2005-283_RHSA-2005-284_RHSA-2005-293_RHSA-2005-472.pdf)\n[Secunia Advisory ID:12951](https://secuniaresearch.flexerasoftware.com/advisories/12951/)\n[Secunia Advisory ID:15092](https://secuniaresearch.flexerasoftware.com/advisories/15092/)\n[Secunia Advisory ID:14002](https://secuniaresearch.flexerasoftware.com/advisories/14002/)\n[Secunia Advisory ID:14710](https://secuniaresearch.flexerasoftware.com/advisories/14710/)\n[Related OSVDB ID: 11045](https://vulners.com/osvdb/OSVDB:11045)\nRedHat RHSA: RHSA-2005:293\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:022\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_18_kernel.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0212.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0264.html\n[CVE-2004-0814](https://vulners.com/cve/CVE-2004-0814)\n", "modified": "2004-10-20T15:48:02", "published": "2004-10-20T15:48:02", "href": "https://vulners.com/osvdb/OSVDB:11044", "id": "OSVDB:11044", "title": "Linux Kernel Terminal Subsystem TIOCSETLD Call Memory Disclosure", "type": "osvdb", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-08-10T09:41:24", "bulletinFamily": "unix", "description": "CAN-2004-0814:\n\nVitaly V. Bursov discovered a Denial of Service vulnerability in the \"serio\" \ncode; opening the same tty device twice and doing some particular operations on \nit caused a kernel panic and/or a system lockup.\n\nFixing this vulnerability required a change in the Application Binary \nInterface (ABI) of the kernel. This means that third party user installed \nmodules might not work any more with the new kernel, so this fixed kernel got \na new ABI version number. You have to recompile and reinstall all third party \nmodules.\n\nCAN-2004-1016:\n\nPaul Starzetz discovered a buffer overflow vulnerability in the \"__scm_send\" \nfunction which handles the sending of UDP network packets. A wrong validity \ncheck of the cmsghdr structure allowed a local attacker to modify kernel \nmemory, thus causing an endless loop (Denial of Service) or possibly even \nroot privilege escalation.\n\nCAN-2004-1056:\n\nThomas Hellstr\u00f6m discovered a Denial of Service vulnerability in the Direct \nRendering Manager (DRM) drivers. Due to an insufficient DMA lock checking, \nany authorized client could send arbitrary values to the video card, which \ncould cause an X server crash or modification of the video output.\n\nCAN-2004-1058:\n\nRob Landley discovered a race condition in the handling of /proc/.../cmdline. \nUnder very rare circumstances an user could read the environment variables of \nanother process that was still spawning. Environment variables are often used \nto pass passwords and other private information to other processes.\n\nCAN-2004-1068:\n\nA race condition was discovered in the handling of AF_UNIX network packets. \nThis reportedly allowed local users to modify arbitrary kernel memory, \nfacilitating privilege escalation, or possibly allowing code execution in the \ncontext of the kernel.\n\nCAN-2004-1069:\n\nRoss Kendall Axe discovered a possible kernel panic (causing a Denial of \nService) while sending AF_UNIX network packages if the kernel options \nCONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX are enabled. This is not \nthe case in the kernel packages shipped in Warty Warthog; however, if you \nrecompiled the kernel using SELinux, you are affected by this flaw.\n\nCAN-2004-1137:\n\nPaul Starzetz discovered several flaws in the IGMP handling code. This \nallowed users to provoke a Denial of Service, read kernel memory, and execute \narbitrary code with root privileges. This flaw is also exploitable remotely \nif an application has bound a multicast socket.\n\nCAN-2004-1151:\n\nJeremy Fitzhardinge discovered two buffer overflows in the sys32_ni_syscall() \nand sys32_vm86_warning() functions. This could possibly be exploited to \noverwrite kernel memory with attacker-supplied code and cause root privilege \nescalation.\n\nThis vulnerability only affects the amd64 architecture.", "modified": "2004-12-15T00:00:00", "published": "2004-12-15T00:00:00", "id": "USN-38-1", "href": "https://ubuntu.com/security/notices/USN-38-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-08-01T05:33:30", "bulletinFamily": "scanner", "description": "CAN-2004-0814 :\n\nVitaly V. Bursov discovered a Denial of Service vulnerability in the\n", "modified": "2020-08-02T00:00:00", "id": "UBUNTU_USN-38-1.NASL", "href": "https://www.tenable.com/plugins/nessus/20654", "published": "2006-01-15T00:00:00", "title": "Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-38-1)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-38-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20654);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:33:00\");\n\n script_cve_id(\"CVE-2004-0814\", \"CVE-2004-1016\", \"CVE-2004-1056\", \"CVE-2004-1058\", \"CVE-2004-1068\", \"CVE-2004-1069\", \"CVE-2004-1137\", \"CVE-2004-1151\");\n script_xref(name:\"USN\", value:\"38-1\");\n\n script_name(english:\"Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-38-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CAN-2004-0814 :\n\nVitaly V. Bursov discovered a Denial of Service vulnerability in the\n'serio' code; opening the same tty device twice and doing some\nparticular operations on it caused a kernel panic and/or a system\nlockup. \n\nFixing this vulnerability required a change in the\nApplication Binary Interface (ABI) of the kernel. This means\nthat third-party user installed modules might not work any\nmore with the new kernel, so this fixed kernel got a new ABI\nversion number. You have to recompile and reinstall all\nthird-party modules.\n\nCAN-2004-1016 :\n\nPaul Starzetz discovered a buffer overflow vulnerability in the\n'__scm_send' function which handles the sending of UDP network\npackets. A wrong validity check of the cmsghdr structure allowed a\nlocal attacker to modify kernel memory, thus causing an endless loop\n(Denial of Service) or possibly even root privilege escalation.\n\nCAN-2004-1056 :\n\nThomas Hellstrom discovered a Denial of Service vulnerability in the\nDirect Rendering Manager (DRM) drivers. Due to an insufficient DMA\nlock checking, any authorized client could send arbitrary values to\nthe video card, which could cause an X server crash or modification of\nthe video output.\n\nCAN-2004-1058 :\n\nRob Landley discovered a race condition in the handling of\n/proc/.../cmdline. Under very rare circumstances an user could read\nthe environment variables of another process that was still spawning.\nEnvironment variables are often used to pass passwords and other\nprivate information to other processes.\n\nCAN-2004-1068 :\n\nA race condition was discovered in the handling of AF_UNIX network\npackets. This reportedly allowed local users to modify arbitrary\nkernel memory, facilitating privilege escalation, or possibly allowing\ncode execution in the context of the kernel.\n\nCAN-2004-1069 :\n\nRoss Kendall Axe discovered a possible kernel panic (causing a Denial\nof Service) while sending AF_UNIX network packages if the kernel\noptions CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX are\nenabled. This is not the case in the kernel packages shipped in Warty\nWarthog; however, if you recompiled the kernel using SELinux, you are\naffected by this flaw.\n\nCAN-2004-1137 :\n\nPaul Starzetz discovered several flaws in the IGMP handling code. This\nallowed users to provoke a Denial of Service, read kernel memory, and\nexecute arbitrary code with root privileges. This flaw is also\nexploitable remotely if an application has bound a multicast socket.\n\nCAN-2004-1151 :\n\nJeremy Fitzhardinge discovered two buffer overflows in the\nsys32_ni_syscall() and sys32_vm86_warning() functions. This could\npossibly be exploited to overwrite kernel memory with\nattacker-supplied code and cause root privilege escalation. \n\nThis vulnerability only affects the amd64 architecture.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-driver-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-patch-debian-2.6.8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tree-2.6.8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"fglrx-control\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"fglrx-driver\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"fglrx-driver-dev\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-386\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-686\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-686-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-amd64-generic\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-amd64-k8\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-amd64-k8-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-amd64-xeon\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-doc\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-doc-2.6.8.1\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-386\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-686\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-686-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-amd64-generic\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-amd64-k8\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-amd64-k8-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6-amd64-xeon\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-386\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-686\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-686-smp\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-amd64-generic\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-amd64-k8\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-amd64-k8-smp\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-headers-2.6.8.1-4-amd64-xeon\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-386\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-686\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-686-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-amd64-generic\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-amd64-k8\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-amd64-k8-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6-amd64-xeon\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-386\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-686\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-686-smp\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-amd64-generic\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-amd64-k8\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-amd64-k8-smp\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-2.6.8.1-4-amd64-xeon\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-386\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-686\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-686-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-amd64-generic\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-amd64-k8\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-amd64-k8-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-image-amd64-xeon\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-patch-debian-2.6.8.1\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-386\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-686\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-686-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-amd64-generic\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-amd64-k8\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-amd64-k8-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6-amd64-xeon\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-386\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-686\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-686-smp\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-amd64-generic\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-amd64-k8\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-amd64-k8-smp\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-2.6.8.1-4-amd64-xeon\", pkgver:\"2.6.8.1.3-5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-386\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-686\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-686-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-amd64-generic\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-amd64-k8\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-amd64-k8-smp\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-restricted-modules-amd64-xeon\", pkgver:\"2.6.8.1-14\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-source-2.6.8.1\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"linux-tree-2.6.8.1\", pkgver:\"2.6.8.1-16.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"nvidia-glx\", pkgver:\"1.0.6111-1ubuntu8\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.6111-1ubuntu8\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.6111-1ubuntu8\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"fglrx-control / fglrx-driver / fglrx-driver-dev / linux-386 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-01T05:00:29", "bulletinFamily": "scanner", "description": "The remote host is missing the patch for the advisory SUSE-SA:2005:018 (kernel).\n\n\nThe Linux kernel is the core component of the Linux system.\n\nSeveral vulnerabilities were reported in the last few weeks which\nare fixed by this update.", "modified": "2020-08-02T00:00:00", "id": "SUSE_SA_2005_018.NASL", "href": "https://www.tenable.com/plugins/nessus/17617", "published": "2005-03-25T00:00:00", "title": "SUSE-SA:2005:018: kernel", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:018\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(17617);\n script_version (\"1.12\");\n script_cve_id(\"CVE-2004-0814\", \"CVE-2004-1333\", \"CVE-2005-0003\", \"CVE-2005-0209\", \"CVE-2005-0210\", \"CVE-2005-0384\", \"CVE-2005-0449\", \"CVE-2005-0504\", \"CVE-2005-0529\", \"CVE-2005-0530\", \"CVE-2005-0532\");\n \n name[\"english\"] = \"SUSE-SA:2005:018: kernel\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2005:018 (kernel).\n\n\nThe Linux kernel is the core component of the Linux system.\n\nSeveral vulnerabilities were reported in the last few weeks which\nare fixed by this update.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/advisories/2005_18_kernel.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 399);\n\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/03/25\");\n script_cvs_date(\"Date: 2019/10/25 13:36:28\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the kernel package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"k_athlon-2.4.20-131\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_deflt-2.4.20-131\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_psmp-2.4.20-131\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp-2.4.20-131\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.4.20.SuSE-131\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"Intel-536ep-4.62-23\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"Intel-v92ham-4.53-23\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_athlon-2.4.21-280\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_deflt-2.4.21-280\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp-2.4.21-280\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp4G-2.4.21-280\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_um-2.4.21-280\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.4.21-280\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"ltmodem-8.26a-212\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-bigsmp-2.6.5-7.151\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-default-2.6.5-7.151\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-smp-2.6.5-7.151\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.6.5-7.151\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-syms-2.6.5-7.151\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"ltmodem-2.6.2-38.14\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-docs-2.6.5-7.151\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"Intel-536ep-4.69-5.6\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-bigsmp-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-bigsmp-nongpl-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-default-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-default-nongpl-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-smp-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-smp-nongpl-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-syms-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-um-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-um-nongpl-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"ltmodem-8.31a8-6.6\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"um-host-install-initrd-1.0-48.6\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"um-host-kernel-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-docs-2.6.8-24.13\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif (rpm_exists(rpm:\"kernel-\", release:\"SUSE8.2\")\n || rpm_exists(rpm:\"kernel-\", release:\"SUSE9.0\")\n || rpm_exists(rpm:\"kernel-\", release:\"SUSE9.1\")\n || rpm_exists(rpm:\"kernel-\", release:\"SUSE9.2\") )\n{\n set_kb_item(name:\"CVE-2004-0814\", value:TRUE);\n set_kb_item(name:\"CVE-2004-1333\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0003\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0209\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0210\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0384\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0449\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0504\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0529\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0530\", value:TRUE);\n set_kb_item(name:\"CVE-2005-0532\", value:TRUE);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-01T03:22:44", "bulletinFamily": "scanner", "description": "A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with\nthis advisory :\n\n - Multiple race conditions in the terminal layer of 2.4\n and 2.6 kernels (prior to 2.6.9) can allow a local\n attacker to obtain portions of kernel data or allow\n remote attackers to cause a kernel panic by switching\n from console to PPP line discipline, then quickly\n sending data that is received during the switch\n (CVE-2004-0814)\n\n - Richard Hart found an integer underflow problem in the\n iptables firewall logging rules that can allow a remote\n attacker to crash the machine by using a specially\n crafted IP packet. This is only possible, however, if\n firewalling is enabled. The problem only affects 2.6\n kernels and was fixed upstream in 2.6.8 (CVE-2004-0816)\n\n - Stefan Esser found several remote DoS confitions in the\n smbfs file system. This could be exploited by a hostile\n SMB server (or an attacker injecting packets into the\n network) to crash the client systems (CVE-2004-0883 and\n CVE-2004-0949)\n\n - Paul Starzetz and Georgi Guninski reported,\n independently, that bad argument handling and bad\n integer arithmetics in the IPv4 sendmsg handling of\n control messages could lead to a local attacker crashing\n the machine. The fixes were done by Herbert Xu\n (CVE-2004-1016)\n\n - Rob Landley discovered a race condition in the handling\n of /proc/.../cmdline where, under rare circumstances, a\n user could read the environment variables of another\n process that was still spawning leading to the potential\n disclosure of sensitive information such as passwords\n (CVE-2004-1058)\n\n - Paul Starzetz reported that the missing serialization in\n unix_dgram_recvmsg() which was added to kernel 2.4.28\n can be used by a local attacker to gain elevated (root)\n privileges (CVE-2004-1068)\n\n - Ross Kendall Axe discovered a possible kernel panic\n (DoS) while sending AF_UNIX network packets if certain\n SELinux-related kernel options were enabled. By default\n the CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX\n options are not enabled (CVE-2004-1069)\n\n - Paul Starzetz of isec.pl discovered several issues with\n the error handling of the ELF loader routines in the\n kernel. The fixes were provided by Chris Wright\n (CVE-2004-1070, CVE-2004-1071, CVE-2004-1072,\n CVE-2004-1073)\n\n - It was discovered that hand-crafted a.out binaries could\n be used to trigger a local DoS condition in both the 2.4\n and 2.6 kernels. The fixes were done by Chris Wright\n (CVE-2004-1074)\n\n - Paul Starzetz found bad handling in the IGMP code which\n could lead to a local attacker being able to crash the\n machine. The fix was done by Chris Wright\n (CVE-2004-1137)\n\n - Jeremy Fitzhardinge discovered two buffer overflows in\n the sys32_ni_syscall() and sys32_vm86_warning()\n functions that could be used to overwrite kernel memory\n with attacker-supplied code resulting in privilege\n escalation (CVE-2004-1151)\n\n - Paul Starzetz found locally exploitable flaws in the\n binary format loader", "modified": "2020-08-02T00:00:00", "id": "MANDRAKE_MDKSA-2005-022.NASL", "href": "https://www.tenable.com/plugins/nessus/16259", "published": "2005-01-26T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2005:022)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:022. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(16259);\n script_version (\"1.20\");\n script_cvs_date(\"Date: 2019/08/02 13:32:47\");\n\n script_cve_id(\"CVE-2004-0814\", \"CVE-2004-0816\", \"CVE-2004-0883\", \"CVE-2004-0949\", \"CVE-2004-1016\", \"CVE-2004-1057\", \"CVE-2004-1058\", \"CVE-2004-1068\", \"CVE-2004-1069\", \"CVE-2004-1070\", \"CVE-2004-1071\", \"CVE-2004-1072\", \"CVE-2004-1073\", \"CVE-2004-1074\", \"CVE-2004-1137\", \"CVE-2004-1151\", \"CVE-2004-1191\", \"CVE-2004-1235\", \"CVE-2005-0001\", \"CVE-2005-0003\");\n script_xref(name:\"MDKSA\", value:\"2005:022\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2005:022)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with\nthis advisory :\n\n - Multiple race conditions in the terminal layer of 2.4\n and 2.6 kernels (prior to 2.6.9) can allow a local\n attacker to obtain portions of kernel data or allow\n remote attackers to cause a kernel panic by switching\n from console to PPP line discipline, then quickly\n sending data that is received during the switch\n (CVE-2004-0814)\n\n - Richard Hart found an integer underflow problem in the\n iptables firewall logging rules that can allow a remote\n attacker to crash the machine by using a specially\n crafted IP packet. This is only possible, however, if\n firewalling is enabled. The problem only affects 2.6\n kernels and was fixed upstream in 2.6.8 (CVE-2004-0816)\n\n - Stefan Esser found several remote DoS confitions in the\n smbfs file system. This could be exploited by a hostile\n SMB server (or an attacker injecting packets into the\n network) to crash the client systems (CVE-2004-0883 and\n CVE-2004-0949)\n\n - Paul Starzetz and Georgi Guninski reported,\n independently, that bad argument handling and bad\n integer arithmetics in the IPv4 sendmsg handling of\n control messages could lead to a local attacker crashing\n the machine. The fixes were done by Herbert Xu\n (CVE-2004-1016)\n\n - Rob Landley discovered a race condition in the handling\n of /proc/.../cmdline where, under rare circumstances, a\n user could read the environment variables of another\n process that was still spawning leading to the potential\n disclosure of sensitive information such as passwords\n (CVE-2004-1058)\n\n - Paul Starzetz reported that the missing serialization in\n unix_dgram_recvmsg() which was added to kernel 2.4.28\n can be used by a local attacker to gain elevated (root)\n privileges (CVE-2004-1068)\n\n - Ross Kendall Axe discovered a possible kernel panic\n (DoS) while sending AF_UNIX network packets if certain\n SELinux-related kernel options were enabled. By default\n the CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX\n options are not enabled (CVE-2004-1069)\n\n - Paul Starzetz of isec.pl discovered several issues with\n the error handling of the ELF loader routines in the\n kernel. The fixes were provided by Chris Wright\n (CVE-2004-1070, CVE-2004-1071, CVE-2004-1072,\n CVE-2004-1073)\n\n - It was discovered that hand-crafted a.out binaries could\n be used to trigger a local DoS condition in both the 2.4\n and 2.6 kernels. The fixes were done by Chris Wright\n (CVE-2004-1074)\n\n - Paul Starzetz found bad handling in the IGMP code which\n could lead to a local attacker being able to crash the\n machine. The fix was done by Chris Wright\n (CVE-2004-1137)\n\n - Jeremy Fitzhardinge discovered two buffer overflows in\n the sys32_ni_syscall() and sys32_vm86_warning()\n functions that could be used to overwrite kernel memory\n with attacker-supplied code resulting in privilege\n escalation (CVE-2004-1151)\n\n - Paul Starzetz found locally exploitable flaws in the\n binary format loader's uselib() function that could be\n abused to allow a local user to obtain root privileges\n (CVE-2004-1235)\n\n - Paul Starzetz found an exploitable flaw in the page\n fault handler when running on SMP machines\n (CVE-2005-0001)\n\n - A vulnerability in insert_vm_struct could allow a locla\n user to trigger BUG() when the user created a large vma\n that overlapped with arg pages during exec\n (CVE-2005-0003)\n\n - Paul Starzetz also found a number of vulnerabilities in\n the kernel binfmt_elf loader that could lead a local\n user to obtain elevated (root) privileges\n (isec-0017-binfmt_elf)\n\nThe provided packages are patched to fix these vulnerabilities. All\nusers are encouraged to upgrade to these updated kernels.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandrakesoft.com/security/kernelupdate\n\nPLEASE NOTE: Mandrakelinux 10.0 users will need to upgrade to the\nlatest module-init-tools package prior to upgrading their kernel.\nLikewise, MNF8.2 users will need to upgrade to the latest modutils\npackage prior to upgrading their kernel.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://isec.pl/en/vulnerabilities/isec-0017-binfmt_elf.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.isec.pl/vulnerabilities/isec-0022-pagefault.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.ussg.iu.edu/hypermail/linux/kernel/0411.1/1222.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.22.41mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.25.13mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.28.0.rc1.5mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.3.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.8.1.24mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.22.41mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.25.13mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.28.0.rc1.5mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.3.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.8.1.24mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i586-up-1GB-2.4.28.0.rc1.5mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i586-up-1GB-2.6.8.1.24mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.22.41mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.25.13mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.6.3.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i686-up-64GB-2.6.8.1.24mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.22.41mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.25.13mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.6.3.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.22.41mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.6.3.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.6.8.1.24mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.22.41mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.25.13mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.28.0.rc1.5mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.6.3.25mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.6.8.1.24mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-stripped\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-stripped-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:module-init-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-2.4.25.13mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-2.6.3.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.25.13mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"kernel-enterprise-2.6.3.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"kernel-i686-up-4GB-2.4.25.13mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"kernel-i686-up-4GB-2.6.3.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"kernel-p3-smp-64GB-2.4.25.13mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"kernel-p3-smp-64GB-2.6.3.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-secure-2.6.3.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-smp-2.4.25.13mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-smp-2.6.3.25mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-source-2.4.25-13mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kernel-source-stripped-2.6.3-25mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"module-init-tools-3.0-1.2.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-2.4.28.0.rc1.5mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-2.6.8.1.24mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.28.0.rc1.5mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"kernel-enterprise-2.6.8.1.24mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"kernel-i586-up-1GB-2.4.28.0.rc1.5mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"kernel-i586-up-1GB-2.6.8.1.24mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"kernel-i686-up-64GB-2.6.8.1.24mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-secure-2.6.8.1.24mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-smp-2.4.28.0.rc1.5mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-smp-2.6.8.1.24mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-source-2.4-2.4.28-0.rc1.5mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-source-2.6-2.6.8.1-24mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kernel-source-stripped-2.6-2.6.8.1-24mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-2.4.22.41mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.22.41mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"kernel-i686-up-4GB-2.4.22.41mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"kernel-p3-smp-64GB-2.4.22.41mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-secure-2.4.22.41mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-smp-2.4.22.41mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-source-2.4.22-41mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-01T01:06:40", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix several security issues in the Red\nHat Enterprise Linux 3 kernel are now available.\n\nThis security advisory has been rated as having important security\nimpact by the Red Hat Security Response Team.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nThe following security issues were fixed :\n\nThe Vicam USB driver did not use the copy_from_user function to access\nuserspace, crossing security boundaries. (CVE-2004-0075)\n\nThe ext3 and jfs code did not properly initialize journal descriptor\nblocks. A privileged local user could read portions of kernel memory.\n(CVE-2004-0177)\n\nThe terminal layer did not properly lock line discipline changes or\npending IO. An unprivileged local user could read portions of kernel\nmemory, or cause a denial of service (system crash). (CVE-2004-0814)\n\nA race condition was discovered. Local users could use this flaw to\nread the environment variables of another process that is still\nspawning via /proc/.../cmdline. (CVE-2004-1058)\n\nA flaw in the execve() syscall handling was discovered, allowing a\nlocal user to read setuid ELF binaries that should otherwise be\nprotected by standard permissions. (CVE-2004-1073). Red Hat originally\nreported this as being fixed by RHSA-2004:549, but the associated fix\nwas missing from that update.\n\nKeith Owens reported a flaw in the Itanium unw_unwind_to_user()\nfunction. A local user could use this flaw to cause a denial of\nservice (system crash) on the Itanium architecture. (CVE-2005-0135)\n\nA missing Itanium syscall table entry could allow an unprivileged\nlocal user to cause a denial of service (system crash) on the Itanium\narchitecture. (CVE-2005-0137)\n\nA flaw affecting the OUTS instruction on the AMD64 and Intel EM64T\narchitectures was discovered. A local user could use this flaw to\naccess privileged IO ports. (CVE-2005-0204)\n\nA flaw was discovered in the Linux PPP driver. On systems allowing\nremote users to connect to a server using ppp, a remote client could\ncause a denial of service (system crash). (CVE-2005-0384)\n\nA flaw in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3\nwas discovered that left a pointer to a freed tty structure. A local\nuser could potentially use this flaw to cause a denial of service\n(system crash) or possibly gain read or write access to ttys that\nshould normally be prevented. (CVE-2005-0403)\n\nA flaw in fragment queuing was discovered affecting the netfilter\nsubsystem. On systems configured to filter or process network packets\n(for example those configured to do firewalling), a remote attacker\ncould send a carefully crafted set of fragmented packets to a machine\nand cause a denial of service (system crash). In order to sucessfully\nexploit this flaw, the attacker would need to know (or guess) some\naspects of the firewall ruleset in place on the target system to be\nable to craft the right fragmented packets. (CVE-2005-0449)\n\nMissing validation of an epoll_wait() system call parameter could\nallow a local user to cause a denial of service (system crash) on the\nIBM S/390 and zSeries architectures. (CVE-2005-0736)\n\nA flaw when freeing a pointer in load_elf_library was discovered. A\nlocal user could potentially use this flaw to cause a denial of\nservice (system crash). (CVE-2005-0749)\n\nA flaw was discovered in the bluetooth driver system. On system where\nthe bluetooth modules are loaded, a local user could use this flaw to\ngain elevated (root) privileges. (CVE-2005-0750)\n\nIn addition to the security issues listed above, there was an\nimportant fix made to the handling of the msync() system call for a\nparticular case in which the call could return without queuing\nmodified mmap()", "modified": "2020-08-02T00:00:00", "id": "CENTOS_RHSA-2005-293.NASL", "href": "https://www.tenable.com/plugins/nessus/21923", "published": "2006-07-05T00:00:00", "title": "CentOS 3 : kernel (CESA-2005:293)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:293 and \n# CentOS Errata and Security Advisory 2005:293 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21923);\n script_version(\"1.24\");\n script_cvs_date(\"Date: 2019/10/25 13:36:02\");\n\n script_cve_id(\"CVE-2004-0075\", \"CVE-2004-0177\", \"CVE-2004-0814\", \"CVE-2004-1058\", \"CVE-2004-1073\", \"CVE-2005-0135\", \"CVE-2005-0137\", \"CVE-2005-0204\", \"CVE-2005-0384\", \"CVE-2005-0403\", \"CVE-2005-0449\", \"CVE-2005-0736\", \"CVE-2005-0749\", \"CVE-2005-0750\");\n script_xref(name:\"RHSA\", value:\"2005:293\");\n\n script_name(english:\"CentOS 3 : kernel (CESA-2005:293)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues in the Red\nHat Enterprise Linux 3 kernel are now available.\n\nThis security advisory has been rated as having important security\nimpact by the Red Hat Security Response Team.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nThe following security issues were fixed :\n\nThe Vicam USB driver did not use the copy_from_user function to access\nuserspace, crossing security boundaries. (CVE-2004-0075)\n\nThe ext3 and jfs code did not properly initialize journal descriptor\nblocks. A privileged local user could read portions of kernel memory.\n(CVE-2004-0177)\n\nThe terminal layer did not properly lock line discipline changes or\npending IO. An unprivileged local user could read portions of kernel\nmemory, or cause a denial of service (system crash). (CVE-2004-0814)\n\nA race condition was discovered. Local users could use this flaw to\nread the environment variables of another process that is still\nspawning via /proc/.../cmdline. (CVE-2004-1058)\n\nA flaw in the execve() syscall handling was discovered, allowing a\nlocal user to read setuid ELF binaries that should otherwise be\nprotected by standard permissions. (CVE-2004-1073). Red Hat originally\nreported this as being fixed by RHSA-2004:549, but the associated fix\nwas missing from that update.\n\nKeith Owens reported a flaw in the Itanium unw_unwind_to_user()\nfunction. A local user could use this flaw to cause a denial of\nservice (system crash) on the Itanium architecture. (CVE-2005-0135)\n\nA missing Itanium syscall table entry could allow an unprivileged\nlocal user to cause a denial of service (system crash) on the Itanium\narchitecture. (CVE-2005-0137)\n\nA flaw affecting the OUTS instruction on the AMD64 and Intel EM64T\narchitectures was discovered. A local user could use this flaw to\naccess privileged IO ports. (CVE-2005-0204)\n\nA flaw was discovered in the Linux PPP driver. On systems allowing\nremote users to connect to a server using ppp, a remote client could\ncause a denial of service (system crash). (CVE-2005-0384)\n\nA flaw in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3\nwas discovered that left a pointer to a freed tty structure. A local\nuser could potentially use this flaw to cause a denial of service\n(system crash) or possibly gain read or write access to ttys that\nshould normally be prevented. (CVE-2005-0403)\n\nA flaw in fragment queuing was discovered affecting the netfilter\nsubsystem. On systems configured to filter or process network packets\n(for example those configured to do firewalling), a remote attacker\ncould send a carefully crafted set of fragmented packets to a machine\nand cause a denial of service (system crash). In order to sucessfully\nexploit this flaw, the attacker would need to know (or guess) some\naspects of the firewall ruleset in place on the target system to be\nable to craft the right fragmented packets. (CVE-2005-0449)\n\nMissing validation of an epoll_wait() system call parameter could\nallow a local user to cause a denial of service (system crash) on the\nIBM S/390 and zSeries architectures. (CVE-2005-0736)\n\nA flaw when freeing a pointer in load_elf_library was discovered. A\nlocal user could potentially use this flaw to cause a denial of\nservice (system crash). (CVE-2005-0749)\n\nA flaw was discovered in the bluetooth driver system. On system where\nthe bluetooth modules are loaded, a local user could use this flaw to\ngain elevated (root) privileges. (CVE-2005-0750)\n\nIn addition to the security issues listed above, there was an\nimportant fix made to the handling of the msync() system call for a\nparticular case in which the call could return without queuing\nmodified mmap()'ed data for file system update. (BZ 147969)\n\nNote: The kernel-unsupported package contains various drivers and\nmodules that are unsupported and therefore might contain security\nproblems that have not been addressed.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade their kernels\nto the packages associated with their machine\narchitectures/configurations\n\nPlease note that the fix for CVE-2005-0449 required changing the\nexternal symbol linkages (kernel module ABI) for the ip_defrag() and\nip_ct_gather_frags() functions. Any third-party module using either of\nthese would also need to be fixed.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-April/011589.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01b5e952\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-April/011590.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7ecd71e1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-April/011592.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a444c1e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-doc-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-source-2.4.21-27.0.4.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-unsupported-2.4.21-27.0.4.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-01T04:22:27", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix several security issues in the Red\nHat Enterprise Linux 3 kernel are now available.\n\nThis security advisory has been rated as having important security\nimpact by the Red Hat Security Response Team.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nThe following security issues were fixed :\n\nThe Vicam USB driver did not use the copy_from_user function to access\nuserspace, crossing security boundaries. (CVE-2004-0075)\n\nThe ext3 and jfs code did not properly initialize journal descriptor\nblocks. A privileged local user could read portions of kernel memory.\n(CVE-2004-0177)\n\nThe terminal layer did not properly lock line discipline changes or\npending IO. An unprivileged local user could read portions of kernel\nmemory, or cause a denial of service (system crash). (CVE-2004-0814)\n\nA race condition was discovered. Local users could use this flaw to\nread the environment variables of another process that is still\nspawning via /proc/.../cmdline. (CVE-2004-1058)\n\nA flaw in the execve() syscall handling was discovered, allowing a\nlocal user to read setuid ELF binaries that should otherwise be\nprotected by standard permissions. (CVE-2004-1073). Red Hat originally\nreported this as being fixed by RHSA-2004:549, but the associated fix\nwas missing from that update.\n\nKeith Owens reported a flaw in the Itanium unw_unwind_to_user()\nfunction. A local user could use this flaw to cause a denial of\nservice (system crash) on the Itanium architecture. (CVE-2005-0135)\n\nA missing Itanium syscall table entry could allow an unprivileged\nlocal user to cause a denial of service (system crash) on the Itanium\narchitecture. (CVE-2005-0137)\n\nA flaw affecting the OUTS instruction on the AMD64 and Intel EM64T\narchitectures was discovered. A local user could use this flaw to\naccess privileged IO ports. (CVE-2005-0204)\n\nA flaw was discovered in the Linux PPP driver. On systems allowing\nremote users to connect to a server using ppp, a remote client could\ncause a denial of service (system crash). (CVE-2005-0384)\n\nA flaw in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3\nwas discovered that left a pointer to a freed tty structure. A local\nuser could potentially use this flaw to cause a denial of service\n(system crash) or possibly gain read or write access to ttys that\nshould normally be prevented. (CVE-2005-0403)\n\nA flaw in fragment queuing was discovered affecting the netfilter\nsubsystem. On systems configured to filter or process network packets\n(for example those configured to do firewalling), a remote attacker\ncould send a carefully crafted set of fragmented packets to a machine\nand cause a denial of service (system crash). In order to sucessfully\nexploit this flaw, the attacker would need to know (or guess) some\naspects of the firewall ruleset in place on the target system to be\nable to craft the right fragmented packets. (CVE-2005-0449)\n\nMissing validation of an epoll_wait() system call parameter could\nallow a local user to cause a denial of service (system crash) on the\nIBM S/390 and zSeries architectures. (CVE-2005-0736)\n\nA flaw when freeing a pointer in load_elf_library was discovered. A\nlocal user could potentially use this flaw to cause a denial of\nservice (system crash). (CVE-2005-0749)\n\nA flaw was discovered in the bluetooth driver system. On system where\nthe bluetooth modules are loaded, a local user could use this flaw to\ngain elevated (root) privileges. (CVE-2005-0750)\n\nIn addition to the security issues listed above, there was an\nimportant fix made to the handling of the msync() system call for a\nparticular case in which the call could return without queuing\nmodified mmap()", "modified": "2020-08-02T00:00:00", "id": "REDHAT-RHSA-2005-293.NASL", "href": "https://www.tenable.com/plugins/nessus/18128", "published": "2005-04-25T00:00:00", "title": "RHEL 3 : kernel (RHSA-2005:293)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:293. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18128);\n script_version (\"1.33\");\n script_cvs_date(\"Date: 2019/10/25 13:36:11\");\n\n script_cve_id(\"CVE-2004-0075\", \"CVE-2004-0177\", \"CVE-2004-0814\", \"CVE-2004-1058\", \"CVE-2004-1073\", \"CVE-2005-0135\", \"CVE-2005-0137\", \"CVE-2005-0204\", \"CVE-2005-0384\", \"CVE-2005-0403\", \"CVE-2005-0449\", \"CVE-2005-0736\", \"CVE-2005-0749\", \"CVE-2005-0750\");\n script_xref(name:\"RHSA\", value:\"2005:293\");\n\n script_name(english:\"RHEL 3 : kernel (RHSA-2005:293)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues in the Red\nHat Enterprise Linux 3 kernel are now available.\n\nThis security advisory has been rated as having important security\nimpact by the Red Hat Security Response Team.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nThe following security issues were fixed :\n\nThe Vicam USB driver did not use the copy_from_user function to access\nuserspace, crossing security boundaries. (CVE-2004-0075)\n\nThe ext3 and jfs code did not properly initialize journal descriptor\nblocks. A privileged local user could read portions of kernel memory.\n(CVE-2004-0177)\n\nThe terminal layer did not properly lock line discipline changes or\npending IO. An unprivileged local user could read portions of kernel\nmemory, or cause a denial of service (system crash). (CVE-2004-0814)\n\nA race condition was discovered. Local users could use this flaw to\nread the environment variables of another process that is still\nspawning via /proc/.../cmdline. (CVE-2004-1058)\n\nA flaw in the execve() syscall handling was discovered, allowing a\nlocal user to read setuid ELF binaries that should otherwise be\nprotected by standard permissions. (CVE-2004-1073). Red Hat originally\nreported this as being fixed by RHSA-2004:549, but the associated fix\nwas missing from that update.\n\nKeith Owens reported a flaw in the Itanium unw_unwind_to_user()\nfunction. A local user could use this flaw to cause a denial of\nservice (system crash) on the Itanium architecture. (CVE-2005-0135)\n\nA missing Itanium syscall table entry could allow an unprivileged\nlocal user to cause a denial of service (system crash) on the Itanium\narchitecture. (CVE-2005-0137)\n\nA flaw affecting the OUTS instruction on the AMD64 and Intel EM64T\narchitectures was discovered. A local user could use this flaw to\naccess privileged IO ports. (CVE-2005-0204)\n\nA flaw was discovered in the Linux PPP driver. On systems allowing\nremote users to connect to a server using ppp, a remote client could\ncause a denial of service (system crash). (CVE-2005-0384)\n\nA flaw in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3\nwas discovered that left a pointer to a freed tty structure. A local\nuser could potentially use this flaw to cause a denial of service\n(system crash) or possibly gain read or write access to ttys that\nshould normally be prevented. (CVE-2005-0403)\n\nA flaw in fragment queuing was discovered affecting the netfilter\nsubsystem. On systems configured to filter or process network packets\n(for example those configured to do firewalling), a remote attacker\ncould send a carefully crafted set of fragmented packets to a machine\nand cause a denial of service (system crash). In order to sucessfully\nexploit this flaw, the attacker would need to know (or guess) some\naspects of the firewall ruleset in place on the target system to be\nable to craft the right fragmented packets. (CVE-2005-0449)\n\nMissing validation of an epoll_wait() system call parameter could\nallow a local user to cause a denial of service (system crash) on the\nIBM S/390 and zSeries architectures. (CVE-2005-0736)\n\nA flaw when freeing a pointer in load_elf_library was discovered. A\nlocal user could potentially use this flaw to cause a denial of\nservice (system crash). (CVE-2005-0749)\n\nA flaw was discovered in the bluetooth driver system. On system where\nthe bluetooth modules are loaded, a local user could use this flaw to\ngain elevated (root) privileges. (CVE-2005-0750)\n\nIn addition to the security issues listed above, there was an\nimportant fix made to the handling of the msync() system call for a\nparticular case in which the call could return without queuing\nmodified mmap()'ed data for file system update. (BZ 147969)\n\nNote: The kernel-unsupported package contains various drivers and\nmodules that are unsupported and therefore might contain security\nproblems that have not been addressed.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade their kernels\nto the packages associated with their machine\narchitectures/configurations\n\nPlease note that the fix for CVE-2005-0449 required changing the\nexternal symbol linkages (kernel module ABI) for the ip_defrag() and\nip_ct_gather_frags() functions. Any third-party module using either of\nthese would also need to be fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-1058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-1073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0736\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:293\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2004-0075\", \"CVE-2004-0177\", \"CVE-2004-0814\", \"CVE-2004-1058\", \"CVE-2004-1073\", \"CVE-2005-0135\", \"CVE-2005-0137\", \"CVE-2005-0204\", \"CVE-2005-0384\", \"CVE-2005-0403\", \"CVE-2005-0449\", \"CVE-2005-0736\", \"CVE-2005-0749\", \"CVE-2005-0750\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2005:293\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:293\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-doc-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-unsupported-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-unsupported-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-source-2.4.21-27.0.4.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-unsupported-2.4.21-27.0.4.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:11", "bulletinFamily": "software", "description": "===========================================================\r\nUbuntu Security Notice USN-38-1 December 14, 2004\r\nlinux-source-2.6.8.1 vulnerabilities\r\nCAN-2004-0814, CAN-2004-1016, CAN-2004-1056, CAN-2004-1058, \r\nCAN-2004-1068, CAN-2004-1069, CAN-2004-1137, CAN-2004-1151\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 4.10 (Warty Warthog)\r\n\r\nThe following packages are affected:\r\n\r\nlinux-image-2.6.8.1-4-386\r\nlinux-image-2.6.8.1-4-686\r\nlinux-image-2.6.8.1-4-686-smp\r\nlinux-image-2.6.8.1-4-amd64-generic\r\nlinux-image-2.6.8.1-4-amd64-k8\r\nlinux-image-2.6.8.1-4-amd64-k8-smp\r\nlinux-image-2.6.8.1-4-amd64-xeon\r\nlinux-image-2.6.8.1-4-k7\r\nlinux-image-2.6.8.1-4-k7-smp\r\nlinux-image-2.6.8.1-4-power3\r\nlinux-image-2.6.8.1-4-power3-smp\r\nlinux-image-2.6.8.1-4-power4\r\nlinux-image-2.6.8.1-4-power4-smp\r\nlinux-image-2.6.8.1-4-powerpc\r\nlinux-image-2.6.8.1-4-powerpc-smp\r\n\r\nThe problem can be corrected by upgrading the affected package to\r\nversion 2.6.8.1-16.3. You need to reboot the computer after doing a\r\nstandard system upgrade to effect the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change this kernel got a new\r\nversion number, which requires to recompile and reinstall all third\r\nparty kernel modules you might have installed. If you use\r\nlinux-restricted-modules, you have to update that package as well to\r\nget modules which work with the new kernel version.\r\n\r\nDetails follow:\r\n\r\nCAN-2004-0814:\r\n\r\n Vitaly V. Bursov discovered a Denial of Service vulnerability in the "serio"\r\n code; opening the same tty device twice and doing some particular operations on\r\n it caused a kernel panic and/or a system lockup. \r\n\r\n Fixing this vulnerability required a change in the Application Binary\r\n Interface (ABI) of the kernel. This means that third party user installed\r\n modules might not work any more with the new kernel, so this fixed kernel got\r\n a new ABI version number. You have to recompile and reinstall all third party\r\n modules.\r\n\r\nCAN-2004-1016:\r\n\r\n Paul Starzetz discovered a buffer overflow vulnerability in the "__scm_send"\r\n function which handles the sending of UDP network packets. A wrong validity\r\n check of the cmsghdr structure allowed a local attacker to modify kernel\r\n memory, thus causing an endless loop (Denial of Service) or possibly even\r\n root privilege escalation.\r\n\r\nCAN-2004-1056:\r\n\r\n Thomas Hellström discovered a Denial of Service vulnerability in the Direct\r\n Rendering Manager (DRM) drivers. Due to an insufficient DMA lock checking,\r\n any authorized client could send arbitrary values to the video card, which\r\n could cause an X server crash or modification of the video output.\r\n\r\nCAN-2004-1058:\r\n\r\n Rob Landley discovered a race condition in the handling of /proc/.../cmdline.\r\n Under very rare circumstances an user could read the environment variables of\r\n another process that was still spawning. Environment variables are often used\r\n to pass passwords and other private information to other processes.\r\n\r\nCAN-2004-1068:\r\n\r\n A race condition was discovered in the handling of AF_UNIX network packets.\r\n This reportedly allowed local users to modify arbitrary kernel memory,\r\n facilitating privilege escalation, or possibly allowing code execution in the\r\n context of the kernel.\r\n\r\nCAN-2004-1069:\r\n\r\n Ross Kendall Axe discovered a possible kernel panic (causing a Denial of\r\n Service) while sending AF_UNIX network packages if the kernel options\r\n CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX are enabled. This is not\r\n the case in the kernel packages shipped in Warty Warthog; however, if you\r\n recompiled the kernel using SELinux, you are affected by this flaw.\r\n\r\nCAN-2004-1137:\r\n\r\n Paul Starzetz discovered several flaws in the IGMP handling code. This\r\n allowed users to provoke a Denial of Service, read kernel memory, and execute\r\n arbitrary code with root privileges. This flaw is also exploitable remotely\r\n if an application has bound a multicast socket.\r\n\r\nCAN-2004-1151:\r\n\r\n Jeremy Fitzhardinge discovered two buffer overflows in the sys32_ni_syscall()\r\n and sys32_vm86_warning() functions. This could possibly be exploited to\r\n overwrite kernel memory with attacker-supplied code and cause root privilege\r\n escalation. \r\n \r\n This vulnerability only affects the amd64 architecture.\r\n\r\nSource archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-meta_2.6.8.1-14.dsc\r\n Size/MD5: 3103 2739fe6c67c4806736f22ddf67d17901\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-meta_2.6.8.1-14.tar.gz\r\n Size/MD5: 22328 d575ed63bf6792e09df35989e716a195\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1_2.6.8.1.3-5.diff.gz\r\n Size/MD5: 60452 0299c2583d80faf5b2f09d055b74d089\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1_2.6.8.1.3-5.dsc\r\n Size/MD5: 1731 b60b63663c37a9ab668249d5eed1bafa\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1_2.6.8.1.3.orig.tar.gz\r\n Size/MD5: 17582377 8488fe31fcae94e0e69f7c0526803233\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.3.diff.gz\r\n Size/MD5: 3119819 e627cd76aeb5ad91aa82577576d4e1c1\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.3.dsc\r\n Size/MD5: 2119 302746973db569c99136632686ecb45b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1.orig.tar.gz\r\n Size/MD5: 44728688 79730a3ad4773ba65fab65515369df84\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-doc-2.6.8.1_2.6.8.1-16.3_all.deb\r\n Size/MD5: 6161524 73585bf9aae2c2308781a7700c839167\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-doc_2.6.8.1-14_all.deb\r\n Size/MD5: 21230 f56d995d9180994c037ac74b63b8691f\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-patch-debian-2.6.8.1_2.6.8.1-16.3_all.deb\r\n Size/MD5: 1469456 f1b3599ba174f58c7061200b6639d2e9\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.3_all.deb\r\n Size/MD5: 36720164 0bc92687431e8bc3afd4bde612874160\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-tree-2.6.8.1_2.6.8.1-16.3_all.deb\r\n Size/MD5: 306640 5cd61fc7db4e1772054507c0e3ef300d\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-amd64-generic_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21292 f2c1ce26eca4acf6facd82f6aac97587\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-amd64-k8-smp_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21366 12ac30be2de423f4cc4c4d87bfb8f3d5\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-amd64-k8_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21292 444c17a2861dc3a321562c1911eab909\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-amd64-xeon_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21292 bb86c97a0a08c49f40b7530c698036ff\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-amd64-generic_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21302 341eb8856ef3415f0595d6af4179bfed\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-amd64-k8-smp_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21376 0a2ca5c6cffc825b9f3940950c8bf0cb\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-amd64-k8_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21306 1f69208c01df7a700131cc71b146e1f4\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-amd64-xeon_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21296 84b1ecf0ffd8a749191b7a67e9e5019f\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-generic_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 246940 91c84dc4f0c8639d14142c20b7b5a6e0\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-k8-smp_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 242460 768f6eab93de7cc80f1ecea938bc6142\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-k8_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 246114 d566af4129840a05622318e603a844fc\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-xeon_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 240860 d5da1efb513b8e851f16517622abfd05\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 3177400 b37af515256b59bf93da4bbd8bbd3025\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-amd64-generic_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21308 b4959ef4997a3c51750c07ce51d3f1d5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-amd64-k8-smp_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21376 d4cd567e35106901f69532663a618dd4\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-amd64-k8_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21306 c8f69eb8f30c3b476ecb884251fc013b\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-amd64-xeon_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21304 e2693eab435cd7d3d2a464d58eab0b14\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-generic_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 14352544 00f22a714f8be9c11aad77160b4a3159\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-k8-smp_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 14827618 52120fa11e9c6d256667590a75a18b32\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-k8_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 14861064 9dd55bcaf2d30f6c8acd3be8f9f8d87d\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-xeon_2.6.8.1-16.3_amd64.deb\r\n Size/MD5: 14682290 88f009678279b290532152c5e89f154a\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-amd64-generic_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21290 97ff02f808d398401854b99c44e82cac\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-amd64-k8-smp_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21364 0289454f61e30cbc700455287b8af8e9\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-amd64-k8_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21286 e68e089113055a10d9741c114afe78e2\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-amd64-xeon_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21284 94b840f7eb26762e031213b4f996971b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-amd64-generic_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21330 c82ccb88befae70d042e8d07d2815c62\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-amd64-k8-smp_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21406 93c3d802ac69eb595dc6d6d1e0109424\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-amd64-k8_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21332 25048a776ff997a5c116d3f5bfa037dd\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-amd64-xeon_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21330 0b800bc22c38eb546efaf2d6c99e0369\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-amd64-generic_2.6.8.1.3-5_amd64.deb\r\n Size/MD5: 1100662 d4f899d1041892c0dc54f3ab48516e47\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-amd64-k8-smp_2.6.8.1.3-5_amd64.deb\r\n Size/MD5: 1102030 c6839206eedae5778ae4d091216e68ea\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-amd64-k8_2.6.8.1.3-5_amd64.deb\r\n Size/MD5: 1100624 cb9810c1331ad1bef95d9b65172c85b5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-amd64-xeon_2.6.8.1.3-5_amd64.deb\r\n Size/MD5: 1100566 3e7d980c2de6bb60bd55cc798ecce00d\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-amd64-generic_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21310 352d166ff12d7a41221809aaa7936515\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-amd64-k8-smp_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21388 4641bb4d47584ed8dc6a41126809eea5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-amd64-k8_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21314 110c4690798fd4d49f92923f043014b1\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-amd64-xeon_2.6.8.1-14_amd64.deb\r\n Size/MD5: 21316 2134054c8aabda46d92c9e1dbc1baed8\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/nvidia-glx-dev_1.0.6111-1ubuntu8_amd64.deb\r\n Size/MD5: 127492 69fdb5f551adbaf88a088ce8820aae51\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/nvidia-glx_1.0.6111-1ubuntu8_amd64.deb\r\n Size/MD5: 5525400 d53ee7edea3aa6d33d0d3cc8608e5401\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/l/linux-restricted-modules-2.6.8.1/nvidia-kernel-source_1.0.6111-1ubuntu8_amd64.deb\r\n Size/MD5: 1060224 2d540829c384b275282a288faa2539a0\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/fglrx-control_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 62478 188999f9aee2a63e97d9b0d5c8fa5c28\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/fglrx-driver-dev_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 15388 5092149304ca3855544be73d78a96baa\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/fglrx-driver_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 2564002 9884912def03161a6b30d8193d8e3843\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-386_2.6.8.1-14_i386.deb\r\n Size/MD5: 21274 294ba134da9dd35781e7e3c69ceabe0b\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-686-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21374 ba1dab8c985f13b082df7cbce5278f2a\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-686_2.6.8.1-14_i386.deb\r\n Size/MD5: 21302 e35b8cae77283a4cc7df99b5477cdc10\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-386_2.6.8.1-14_i386.deb\r\n Size/MD5: 21270 08f1b3b11c09327178b4a8235f3b3943\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-686-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21378 3b255e044462d26e3803ad018fece207\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-686_2.6.8.1-14_i386.deb\r\n Size/MD5: 21298 2232f60282de676c35387c14f893e147\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-k7-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21350 c057e0773f8239ed96c960d62ba4163b\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-k7_2.6.8.1-14_i386.deb\r\n Size/MD5: 21284 9d649ccb84c037f99002e46a44af7096\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-386_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 275632 f84b93f4eb9871786828911153d0aa95\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-686-smp_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 270224 a1cb7eac91ee99704f944f119269bf47\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-686_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 273446 aae8b7c2486a6150eb4e70e859caf516\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-k7-smp_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 270520 c01dceb383c677e583cce044d11f21af\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-k7_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 273596 f8c2bf7e7e0ea5f547830dbd726f508d\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 3218158 6248f76911d8ca4508ada30f4b780ba6\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-386_2.6.8.1-14_i386.deb\r\n Size/MD5: 21276 e8ec778bbb6f3d4bc7f4a1ae7e4f75dc\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-686-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21374 cf14bdf679eb5a8675f225b4a8791ef3\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-686_2.6.8.1-14_i386.deb\r\n Size/MD5: 21306 38f92fadf352147bb92253eadf3ac5fa\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-k7-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21360 80be1d7fdbf4ad15f6c2ea2a95a477c5\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-k7_2.6.8.1-14_i386.deb\r\n Size/MD5: 21292 cdf5217f74ebaa0b41bb8e6bd81040fe\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-386_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 15495626 2c544ce0c06f812788cf672d17a8d92b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-686-smp_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 16344482 777a35e4dc62227bbed13749a4e2db7e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-686_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 16509660 13558b1d8b5f039761510e90cf511a7b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-k7-smp_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 16447164 94ddcb37ab4fd9e7682e4668f2c530ff\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-k7_2.6.8.1-16.3_i386.deb\r\n Size/MD5: 16572102 128369d662556373de78e2b808892f09\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-386_2.6.8.1-14_i386.deb\r\n Size/MD5: 21258 20b664abb2b03b2aa91b540e063a078d\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-686-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21360 ec59b67c955e650531bd09617ad58702\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-686_2.6.8.1-14_i386.deb\r\n Size/MD5: 21292 b7259e930ddb75620ad42c862a4cdacb\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-k7-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21342 811cc52cb01ecb0d754500fe6bde9b3a\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-k7_2.6.8.1-14_i386.deb\r\n Size/MD5: 21268 c8775c0d6960ebf24843a0e7673d63bc\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-k7-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21350 0af30dd5bc077b2e1ebf871bb0d8998d\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-k7_2.6.8.1-14_i386.deb\r\n Size/MD5: 21286 ee9c14fe158634fedce2364691879c1b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-386_2.6.8.1-14_i386.deb\r\n Size/MD5: 21298 8a1589754b9d42243cbf1aa4eb08bed4\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-686-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21404 408967f31731a3fcfc86a209f93214d5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-686_2.6.8.1-14_i386.deb\r\n Size/MD5: 21334 d5778e6e76327e46b251c6af92b7de83\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-k7-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21386 9c75e48c26bde238b02b7267776ad1f4\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-k7_2.6.8.1-14_i386.deb\r\n Size/MD5: 21310 3abdea2703da95d2edbe59303ddc017e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-386_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 1319942 0fe802afb9693df2f629a308d4bd8729\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-686-smp_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 1333318 b085a4723199065a663ef88295763384\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-686_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 1331296 bb3098b2e5f7437ceb99eddc1d4bfb5e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-k7-smp_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 1334312 578b54a2f51a6f435236b0ffaf624fa7\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/linux-restricted-modules-2.6.8.1-4-k7_2.6.8.1.3-5_i386.deb\r\n Size/MD5: 1332306 8465a390f61a7059aa8aee4c7243566e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-386_2.6.8.1-14_i386.deb\r\n Size/MD5: 21286 cb395241ff85c348d658029bda7cb5ba\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-686-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21382 4dfed0465203a0e4b1f4a42f546db180\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-686_2.6.8.1-14_i386.deb\r\n Size/MD5: 21316 deea03f29abd2f1330fb2f6269337cf3\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-k7-smp_2.6.8.1-14_i386.deb\r\n Size/MD5: 21362 ff91c613fe9d25ea18c879307ac0dfc1\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-k7_2.6.8.1-14_i386.deb\r\n Size/MD5: 21294 885e5e4b9d0713e27a4862cafc423f4f\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/nvidia-glx-dev_1.0.6111-1ubuntu8_i386.deb\r\n Size/MD5: 106100 ebbf827ee29c2539ef80c67882a7b78e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-restricted-modules-2.6.8.1/nvidia-glx_1.0.6111-1ubuntu8_i386.deb\r\n Size/MD5: 2815626 859c60c2f2aa6dc201f096712a684f1b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/l/linux-restricted-modules-2.6.8.1/nvidia-kernel-source_1.0.6111-1ubuntu8_i386.deb\r\n Size/MD5: 1040522 713f7168281e0105578583f8e72eae14\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-power3-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21352 dc8b3881aef86cc69d5f0028bee224e7\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-power3_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21282 df187a4128d311a5e6cad81a4a7173c6\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-power4-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21360 0d2921c42b479cae1a08b3601dd8627e\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-power4_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21288 c87cc15f0d46d21d281ed421481641c5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-powerpc-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21358 4f6714044b2925a42ead5dfdbc1ca03c\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-headers-2.6-powerpc_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21288 9c134447ed2eb2cf39c4f19467f6f894\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power3-smp_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 211692 2210cd76794c56e38b53b271874372df\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power3_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 212546 475ff7872815fab763ec935a0657d453\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power4-smp_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 211506 62eeeb84113f878e111ff110722b3056\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power4_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 212292 3be1e6b0b7d9eb213f63dfaac0e0269c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-powerpc-smp_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 212180 09e88088425e285c6cb9f15e9546342c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-powerpc_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 213782 29e9670d6eeeaad5fe280b502ff73526\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 3295484 96f458047907e3866bc4b31d71f734de\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-power3-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21358 954182d8bd2c3afada6254b98169db5a\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-power3_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21282 a9ddbeb5e6368e47256f9feda52dc159\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-power4-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21354 22f0866e799b8e7ee77396b8b27630d1\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-power4_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21286 9c3f1587b16bc39644f7fe3f15fa0bae\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-powerpc-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21360 9705a00c06d2202dcd43a583d682b8de\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-2.6-powerpc_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21292 2d6ce348b4ff012177eed1f9ac2dc38e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power3-smp_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 16365278 44e431bb469d670f3af9acb2716b2996\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power3_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 15943056 56f60dce37f430a5518a390bf595e9ab\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power4-smp_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 16351872 c00455d866cc9a24e2a7bbf5f935bcd3\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power4_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 15922326 788ffc685156c3ceece22a6fb9e08b86\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-powerpc-smp_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 16288806 b5b32af1b92e8244713d60b2ce0f96a1\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-powerpc_2.6.8.1-16.3_powerpc.deb\r\n Size/MD5: 15977512 1edbd399c46042b4662113c44a5603d7\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-power3-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21344 a76ee915e402ad9486331c309cb790d6\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-power3_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21274 e4014c3c7cc172549ba6cbcb5c140c7f\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-power4-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21336 be1e34e0c0979f569671b0c0151f559c\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-power4_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21272 86cb5de45d0f6eabcc094a62802c1de9\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-powerpc-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21344 88cc0703094e375608fc0ec0db012878\r\n http://security.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-image-powerpc_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21272 aff8a836f6a57447df18c46fe84cb9ef\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-power3-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21340 0dd97f7868caf099ff896222421ac3b7\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-power3_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21274 28b0d611bb4b57558b8f59f5a41f6e3e\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-power4-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21342 adea762c876afce92c94c5ee3a587be1\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-power4_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21274 e58035bfc5270c8a0241bf812bf236c8\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-powerpc-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21346 c2159bd35230d0887735f31164306927\r\n http://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-powerpc_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21280 e470d754388235232acbad72ed7ed4d3\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-power3-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21382 57c9f0dffc021d0323c2d25c1ad571cd\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-power3_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21310 b3a8cbcc97e8ff4509dc265756665861\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-power4-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21382 8eed964fd659cbce5d8eb9003e5d2fc4\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-power4_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21318 4e367ee2145df67eb1e5aa1caf30e405\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-powerpc-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21384 c40928cef5cebe1f73339d2068b6feaf\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-2.6-powerpc_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21318 5903f3e6647e5007df955e9e06e8dcad\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-power3-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21368 508b0e5248debe65fe108cdf207722bc\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-power3_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21292 e51b4b41c1a2c43d20991c7492bd223c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-power4-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21368 780eca136943443a316a516294cba3bc\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-power4_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21292 7f93c4b8c206614eafb90b709c2be40e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-powerpc-smp_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21370 2641ea55b80fbc25d8b072f07dd750ef\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/restricted/l/linux-meta/linux-restricted-modules-powerpc_2.6.8.1-14_powerpc.deb\r\n Size/MD5: 21296 4ed14a92d0319b388f0e94f7ce8243c7", "modified": "2004-12-15T00:00:00", "published": "2004-12-15T00:00:00", "id": "SECURITYVULNS:DOC:7334", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:7334", "title": "[USN-38-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-26T08:56:07", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-kernel\n um-host-install-initrd\n kernel-bigsmp\n kernel-default\n kernel-um\n kernel-syms\n kernel-source\n kernel-smp\n kernel-debug\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011171 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65101", "id": "OPENVAS:65101", "title": "SLES9: Security update for Linux kernel", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5011171.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-kernel\n um-host-install-initrd\n kernel-bigsmp\n kernel-default\n kernel-um\n kernel-syms\n kernel-source\n kernel-smp\n kernel-debug\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011171 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65101);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0449\", \"CVE-2005-0209\", \"CVE-2005-0529\", \"CVE-2005-0530\", \"CVE-2005-0136\", \"CVE-2005-0532\", \"CVE-2005-0135\", \"CVE-2005-0384\", \"CVE-2005-0210\", \"CVE-2005-0504\", \"CVE-2004-0814\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"um-host-kernel\", rpm:\"um-host-kernel~2.6.5~7.151\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:58", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-kernel\n um-host-install-initrd\n kernel-bigsmp\n kernel-default\n kernel-um\n kernel-syms\n kernel-source\n kernel-smp\n kernel-debug\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011171 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065101", "id": "OPENVAS:136141256231065101", "title": "SLES9: Security update for Linux kernel", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5011171.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n um-host-kernel\n um-host-install-initrd\n kernel-bigsmp\n kernel-default\n kernel-um\n kernel-syms\n kernel-source\n kernel-smp\n kernel-debug\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011171 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65101\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0449\", \"CVE-2005-0209\", \"CVE-2005-0529\", \"CVE-2005-0530\", \"CVE-2005-0136\", \"CVE-2005-0532\", \"CVE-2005-0135\", \"CVE-2005-0384\", \"CVE-2005-0210\", \"CVE-2005-0504\", \"CVE-2004-0814\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"um-host-kernel\", rpm:\"um-host-kernel~2.6.5~7.151\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:24:48", "bulletinFamily": "unix", "description": "The Linux kernel is the core component of the Linux system.\n#### Solution\nNone. Please install the updated packages.", "modified": "2005-03-24T16:30:19", "published": "2005-03-24T16:30:19", "id": "SUSE-SA:2005:018", "href": "http://lists.opensuse.org/opensuse-security-announce/2005-03/msg00020.html", "type": "suse", "title": "remote denial of service in kernel", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "centos": [{"lastseen": "2019-12-20T18:24:06", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2005:293\n\n\nThe following security issues were fixed:\n\nThe Vicam USB driver did not use the copy_from_user function to access\nuserspace, crossing security boundaries. (CAN-2004-0075)\n\nThe ext3 and jfs code did not properly initialize journal descriptor\nblocks. A privileged local user could read portions of kernel memory.\n(CAN-2004-0177)\n\nThe terminal layer did not properly lock line discipline changes or pending\nIO. An unprivileged local user could read portions of kernel memory, or\ncause a denial of service (system crash). (CAN-2004-0814)\n\nA race condition was discovered. Local users could use this flaw to read\nthe environment variables of another process that is still spawning via\n/proc/.../cmdline. (CAN-2004-1058)\n\nA flaw in the execve() syscall handling was discovered, allowing a local\nuser to read setuid ELF binaries that should otherwise be protected by\nstandard permissions. (CAN-2004-1073). Red Hat originally reported this\nas being fixed by RHSA-2004:549, but the associated fix was missing from\nthat update.\n\nKeith Owens reported a flaw in the Itanium unw_unwind_to_user() function.\nA local user could use this flaw to cause a denial of service (system\ncrash) on the Itanium architecture. (CAN-2005-0135)\n\nA missing Itanium syscall table entry could allow an unprivileged\nlocal user to cause a denial of service (system crash) on the Itanium\narchitecture. (CAN-2005-0137)\n\nA flaw affecting the OUTS instruction on the AMD64 and Intel EM64T\narchitectures was discovered. A local user could use this flaw to\naccess privileged IO ports. (CAN-2005-0204)\n\nA flaw was discovered in the Linux PPP driver. On systems allowing remote\nusers to connect to a server using ppp, a remote client could cause a\ndenial of service (system crash). (CAN-2005-0384)\n\nA flaw in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 was\ndiscovered that left a pointer to a freed tty structure. A local user\ncould potentially use this flaw to cause a denial of service (system crash)\nor possibly gain read or write access to ttys that should normally be\nprevented. (CAN-2005-0403)\n\nA flaw in fragment queuing was discovered affecting the netfilter\nsubsystem. On systems configured to filter or process network packets (for\nexample those configured to do firewalling), a remote attacker could send a\ncarefully crafted set of fragmented packets to a machine and cause a denial\nof service (system crash). In order to sucessfully exploit this flaw, the\nattacker would need to know (or guess) some aspects of the firewall ruleset\nin place on the target system to be able to craft the right fragmented\npackets. (CAN-2005-0449)\n\nMissing validation of an epoll_wait() system call parameter could allow\na local user to cause a denial of service (system crash) on the IBM S/390\nand zSeries architectures. (CAN-2005-0736)\n\nA flaw when freeing a pointer in load_elf_library was discovered. A local\nuser could potentially use this flaw to cause a denial of service (system\ncrash). (CAN-2005-0749)\n\nA flaw was discovered in the bluetooth driver system. On system where the\nbluetooth modules are loaded, a local user could use this flaw to gain\nelevated (root) privileges. (CAN-2005-0750)\n\nIn addition to the security issues listed above, there was an important\nfix made to the handling of the msync() system call for a particular case\nin which the call could return without queuing modified mmap()'ed data for\nfile system update. (BZ 147969)\n\nNote: The kernel-unsupported package contains various drivers and modules\nthat are unsupported and therefore might contain security problems that\nhave not been addressed.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade their kernels to\nthe packages associated with their machine architectures/configurations\n\nPlease note that the fix for CAN-2005-0449 required changing the\nexternal symbol linkages (kernel module ABI) for the ip_defrag()\nand ip_ct_gather_frags() functions. Any third-party module using either\nof these would also need to be fixed.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023627.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023628.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023629.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-April/023630.html\n\n**Affected packages:**\nkernel\nkernel-BOOT\nkernel-doc\nkernel-hugemem\nkernel-hugemem-unsupported\nkernel-smp\nkernel-smp-unsupported\nkernel-source\nkernel-unsupported\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-293.html", "modified": "2005-04-23T07:30:17", "published": "2005-04-22T21:54:37", "href": "http://lists.centos.org/pipermail/centos-announce/2005-April/023627.html", "id": "CESA-2005:293", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:36", "bulletinFamily": "unix", "description": "The following security issues were fixed:\n\nThe Vicam USB driver did not use the copy_from_user function to access\nuserspace, crossing security boundaries. (CAN-2004-0075)\n\nThe ext3 and jfs code did not properly initialize journal descriptor\nblocks. A privileged local user could read portions of kernel memory.\n(CAN-2004-0177)\n\nThe terminal layer did not properly lock line discipline changes or pending\nIO. An unprivileged local user could read portions of kernel memory, or\ncause a denial of service (system crash). (CAN-2004-0814)\n\nA race condition was discovered. Local users could use this flaw to read\nthe environment variables of another process that is still spawning via\n/proc/.../cmdline. (CAN-2004-1058)\n\nA flaw in the execve() syscall handling was discovered, allowing a local\nuser to read setuid ELF binaries that should otherwise be protected by\nstandard permissions. (CAN-2004-1073). Red Hat originally reported this\nas being fixed by RHSA-2004:549, but the associated fix was missing from\nthat update.\n\nKeith Owens reported a flaw in the Itanium unw_unwind_to_user() function.\nA local user could use this flaw to cause a denial of service (system\ncrash) on the Itanium architecture. (CAN-2005-0135)\n\nA missing Itanium syscall table entry could allow an unprivileged\nlocal user to cause a denial of service (system crash) on the Itanium\narchitecture. (CAN-2005-0137)\n\nA flaw affecting the OUTS instruction on the AMD64 and Intel EM64T\narchitectures was discovered. A local user could use this flaw to\naccess privileged IO ports. (CAN-2005-0204)\n\nA flaw was discovered in the Linux PPP driver. On systems allowing remote\nusers to connect to a server using ppp, a remote client could cause a\ndenial of service (system crash). (CAN-2005-0384)\n\nA flaw in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 was\ndiscovered that left a pointer to a freed tty structure. A local user\ncould potentially use this flaw to cause a denial of service (system crash)\nor possibly gain read or write access to ttys that should normally be\nprevented. (CAN-2005-0403)\n\nA flaw in fragment queuing was discovered affecting the netfilter\nsubsystem. On systems configured to filter or process network packets (for\nexample those configured to do firewalling), a remote attacker could send a\ncarefully crafted set of fragmented packets to a machine and cause a denial\nof service (system crash). In order to sucessfully exploit this flaw, the\nattacker would need to know (or guess) some aspects of the firewall ruleset\nin place on the target system to be able to craft the right fragmented\npackets. (CAN-2005-0449)\n\nMissing validation of an epoll_wait() system call parameter could allow\na local user to cause a denial of service (system crash) on the IBM S/390\nand zSeries architectures. (CAN-2005-0736)\n\nA flaw when freeing a pointer in load_elf_library was discovered. A local\nuser could potentially use this flaw to cause a denial of service (system\ncrash). (CAN-2005-0749)\n\nA flaw was discovered in the bluetooth driver system. On system where the\nbluetooth modules are loaded, a local user could use this flaw to gain\nelevated (root) privileges. (CAN-2005-0750)\n\nIn addition to the security issues listed above, there was an important\nfix made to the handling of the msync() system call for a particular case\nin which the call could return without queuing modified mmap()'ed data for\nfile system update. (BZ 147969)\n\nNote: The kernel-unsupported package contains various drivers and modules\nthat are unsupported and therefore might contain security problems that\nhave not been addressed.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade their kernels to\nthe packages associated with their machine architectures/configurations\n\nPlease note that the fix for CAN-2005-0449 required changing the\nexternal symbol linkages (kernel module ABI) for the ip_defrag()\nand ip_ct_gather_frags() functions. Any third-party module using either\nof these would also need to be fixed.", "modified": "2017-07-29T20:29:53", "published": "2005-04-22T04:00:00", "id": "RHSA-2005:293", "href": "https://access.redhat.com/errata/RHSA-2005:293", "type": "redhat", "title": "(RHSA-2005:293) kernel security update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
