- -------------------------------------------------------------------------
Debian Security Advisory DSA-2153-1 security@debian.org
http://www.debian.org/security/ dann frazier
January 30, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : linux-2.6
Vulnerability : privilege escalation/denial of service/information leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2010-0435 CVE-2010-3699 CVE-2010-4158 CVE-2010-4162
CVE-2010-4163 CVE-2010-4242 CVE-2010-4243 CVE-2010-4248
CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346
CVE-2010-4526 CVE-2010-4527 CVE-2010-4529 CVE-2010-4565
CVE-2010-4649 CVE-2010-4656 CVE-2010-4668 CVE-2011-0521
Several vulnerabilities have been discovered in the Linux kernel that may lead
to a privilege escalation, denial of service or information leak. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2010-0435
Gleb Napatov reported an issue in the KVM subsystem that allows virtual
machines to cause a denial of service of the host machine by executing mov
to/from DR instructions.
CVE-2010-3699
Keir Fraser provided a fix for an issue in the Xen subsystem. A guest can
cause a denial of service on the host by retaining a leaked reference to a
device. This can result in a zombie domain, xenwatch process hangs, and xm
command failures.
CVE-2010-4158
Dan Rosenberg discovered an issue in the socket filters subsystem, allowing
local unprivileged users to obtain the contents of sensitive kernel memory.
CVE-2010-4162
Dan Rosenberg discovered an overflow issue in the block I/O subsystem that
allows local users to map large numbers of pages, resulting in a denial of
service due to invocation of the out of memory killer.
CVE-2010-4163
Dan Rosenberg discovered an issue in the block I/O subsystem. Due to
improper validation of iov segments, local users can trigger a kernel panic
resulting in a denial of service.
CVE-2010-4242
Alan Cox reported an issue in the Bluetooth subsystem. Local users with
sufficient permission to access HCI UART devices can cause a denial of
service (NULL pointer dereference) due to a missing check for an existing
tty write operation.
CVE-2010-4243
Brad Spengler reported a denial-of-service issue in the kernel memory
accounting system. By passing large argv/envp values to exec, local users
can cause the out of memory killer to kill processes owned by other users.
CVE-2010-4248
Oleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local
users can cause a denial of service (Oops) due to incorrect assumptions
about thread group leader behavior.
CVE-2010-4249
Vegard Nossum reported an issue with the UNIX socket garbage collector.
Local users can consume all of LOWMEM and decrease system performance by
overloading the system with inflight sockets.
CVE-2010-4258
Nelson Elhage reported an issue in Linux oops handling. Local users may be
able to obtain elevated privileges if they are able to trigger an oops with
a process' fs set to KERNEL_DS.
CVE-2010-4342
Nelson Elhage reported an issue in the econet protocol. Remote attackers can
cause a denial of service by sending an Acorn Universal Networking packet
over UDP.
CVE-2010-4346
Tavis Ormandy discovered an issue in the install_special_mapping routine
which allows local users to bypass the mmap_min_addr security restriction.
Combined with an otherwise low severity local denial of service
vulnerability (NULL pointer dereference), a local user could obtain elevated
privileges.
CVE-2010-4526
Eugene Teo reported a race condition in the Linux SCTP implementation.
Remote users can cause a denial of service (kernel memory corruption) by
transmitting an ICMP unreachable message to a locked socket.
CVE-2010-4527
Dan Rosenberg reported two issues in the OSS soundcard driver. Local users
with access to the device (members of group 'audio' on default Debian
installations) may contain access to sensitive kernel memory or cause a
buffer overflow, potentially leading to an escalation of privileges.
CVE-2010-4529
Dan Rosenberg reported an issue in the Linux kernel IrDA socket
implementation on non-x86 architectures. Local users may be able to gain
access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES
getsockopt call.
CVE-2010-4565
Dan Rosenberg reported an issue in the Linux CAN protocol implementation.
Local users can obtain the address of a kernel heap object which might help
facilitate system exploitation.
CVE-2010-4649
Dan Carpenter reported an issue in the uverb handling of the InfiniBand
subsystem. A potential buffer overflow may allow local users to cause a
denial of service (memory corruption) by passing in a large cmd.ne value.
CVE-2010-4656
Kees Cook reported an issue in the driver for I/O-Warrior USB devices.
Local users with access to these devices maybe able to overrun kernel
buffers, resulting in a denial of service or privilege escalation.
CVE-2010-4668
Dan Rosenberg reported an issue in the block subsystem. A local user can
cause a denial of service (kernel panic) by submitting certain 0-length I/O
requests.
CVE-2011-0521
Dan Carpenter reported an issue in the DVB driver for AV7110 cards. Local
users can pass a negative info->num value, corrupting kernel memory and
causing a denial of service.
For the stable distribution (lenny), this problem has been fixed in
version 2.6.26-26lenny2.
The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:
Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+26lenny2
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
Note that these updates will not become active until after your system is
rebooted.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
{"openvas": [{"lastseen": "2020-08-04T16:12:49", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2153-1.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2153-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2010-4668", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-0435", "CVE-2010-4656", "CVE-2010-4158", "CVE-2010-4526", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4248", "CVE-2010-4243", "CVE-2010-4249", "CVE-2010-4342", "CVE-2010-3699", "CVE-2010-4565"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231068992", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068992", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2153_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2153-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68992\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3699\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4242\", \"CVE-2010-4243\", \"CVE-2010-4248\", \"CVE-2010-4249\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2010-4649\", \"CVE-2010-4656\", \"CVE-2010-4668\", \"CVE-2011-0521\");\n script_name(\"Debian Security Advisory DSA 2153-1 (linux-2.6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB5\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202153-1\");\n script_tag(name:\"insight\", value:\"CVE-2010-0435\nGleb Napatov reported an issue in the KVM subsystem that allows virtual\nmachines to cause a denial of service of the host machine.\n\nCVE-2010-3699\nKeir Fraser provided a fix for an issue in the Xen subsystem.\n\nCVE-2010-4158\nDan Rosenberg discovered an issue in the socket filters subsystem.\n\nCVE-2010-4162\nDan Rosenberg discovered an overflow issue in the block I/O subsystem.\n\nCVE-2010-4163\nDan Rosenberg discovered an issue in the block I/O subsystem.\n\nCVE-2010-4242\nAlan Cox reported an issue in the Bluetooth subsystem.\n\nCVE-2010-4243\nBrad Spengler reported a denial-of-service issue in the kernel memory\naccounting system.\n\nCVE-2010-4248\nOleg Nesterov reported an issue in the POSIX CPU timers subsystem.\n\nCVE-2010-4249\nVegard Nossum reported an issue with the UNIX socket garbage collector.\n\nCVE-2010-4258\nNelson Elhage reported an issue in Linux oops handling.\n\nCVE-2010-4342\nNelson Elhage reported an issue in the econet protocol.\n\nCVE-2010-4346\nTavis Ormandy discovered an issue in the install_special_mapping routine\nwhich allows local users to bypass the mmap_min_addr security restriction.\n\nCVE-2010-4526\nEugene Teo reported a race condition in the Linux SCTP implementation.\n\nCVE-2010-4527\nDan Rosenberg reported two issues in the OSS soundcard driver. Local users\nwith access to the device (members of group 'audio' on default Debian\ninstallations) may contain access to sensitive kernel memory or cause a\nbuffer overflow.\n\nCVE-2010-4529\nDan Rosenberg reported an issue in the Linux kernel IrDA socket\nimplementation on non-x86 architectures. Local users may be able to gain\naccess to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES\ngetsockopt call.\n\nCVE-2010-4565\nDan Rosenberg reported an issue in the Linux CAN protocol implementation.\nLocal users can obtain the address of a kernel heap object which might help\nfacilitate system exploitation.\n\nCVE-2010-4649\nDan Carpenter reported an issue in the uverb handling of the InfiniBand\nsubsystem. A potential buffer overflow may allow local users to cause a\ndenial of service (memory corruption) by passing in a large cmd.ne value.\n\nCVE-2010-4656\nKees Cook reported an issue in the driver for I/O-Warrior USB devices.\nLocal users with access to these devices maybe able to overrun kernel\nbuffers, resulting in a denial of service or privilege escalation.\n\nCVE-2010-4668\nDan Rosenberg reported an issue in the block subsystem. A local user can\ncause a denial of service (kernel panic) by submitting certain 0-length I/O\nrequests.\n\nCVE-2011-0521\nDan Carpenter reported an issue in the DVB driver for AV7110 cards. Local\nusers can pass a negative info->num value, corrupting kernel memory and\ncausing a denial of service.\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-26lenny2.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2153-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"26\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-486\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-4kc-malta\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-5kc-malta\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-686-bigmem\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-alpha\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-arm\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-armel\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-hppa\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-i386\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-ia64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-mips\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-mipsel\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-powerpc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-s390\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-all-sparc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-alpha-generic\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-alpha-legacy\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-alpha-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-common\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-common-openvz\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-common-vserver\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-common-xen\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-footbridge\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-iop32x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-itanium\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-ixp4xx\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-mckinley\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-openvz-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-openvz-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-orion5x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-parisc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-parisc-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-parisc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-parisc64-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-powerpc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-powerpc-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-powerpc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-r4k-ip22\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-r5k-cobalt\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-r5k-ip32\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-s390\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-s390x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-sparc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-sparc64-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-versatile\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-itanium\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-mckinley\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-powerpc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-s390x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-vserver-sparc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-xen-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-xen-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2-s390-tape\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"26-2\", ver:\"2.6.26-26lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:23", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2153-1.", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2153-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2010-4668", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-0435", "CVE-2010-4656", "CVE-2010-4158", "CVE-2010-4526", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4248", "CVE-2010-4243", "CVE-2010-4249", "CVE-2010-4342", "CVE-2010-3699", "CVE-2010-4565"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68992", "href": "http://plugins.openvas.org/nasl.php?oid=68992", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2153_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2153-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"CVE-2010-0435\nGleb Napatov reported an issue in the KVM subsystem that allows virtual\nmachines to cause a denial of service of the host machine.\n\nCVE-2010-3699\nKeir Fraser provided a fix for an issue in the Xen subsystem.\n\nCVE-2010-4158\nDan Rosenberg discovered an issue in the socket filters subsystem.\n\nCVE-2010-4162\nDan Rosenberg discovered an overflow issue in the block I/O subsystem.\n\nCVE-2010-4163\nDan Rosenberg discovered an issue in the block I/O subsystem.\n\nCVE-2010-4242\nAlan Cox reported an issue in the Bluetooth subsystem.\n\nCVE-2010-4243\nBrad Spengler reported a denial-of-service issue in the kernel memory\naccounting system.\n\nCVE-2010-4248\nOleg Nesterov reported an issue in the POSIX CPU timers subsystem.\n\nCVE-2010-4249\nVegard Nossum reported an issue with the UNIX socket garbage collector.\n\nCVE-2010-4258\nNelson Elhage reported an issue in Linux oops handling.\n\nCVE-2010-4342\nNelson Elhage reported an issue in the econet protocol.\n\nCVE-2010-4346\nTavis Ormandy discovered an issue in the install_special_mapping routine\nwhich allows local users to bypass the mmap_min_addr security restriction.\n\nCVE-2010-4526\nEugene Teo reported a race condition in the Linux SCTP implementation.\n\nCVE-2010-4527\nDan Rosenberg reported two issues in the OSS soundcard driver. Local users\nwith access to the device (members of group 'audio' on default Debian\ninstallations) may contain access to sensitive kernel memory or cause a\nbuffer overflow.\n\nCVE-2010-4529\nDan Rosenberg reported an issue in the Linux kernel IrDA socket\nimplementation on non-x86 architectures. Local users may be able to gain\naccess to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES\ngetsockopt call.\n\nCVE-2010-4565\nDan Rosenberg reported an issue in the Linux CAN protocol implementation.\nLocal users can obtain the address of a kernel heap object which might help\nfacilitate system exploitation.\n\nCVE-2010-4649\nDan Carpenter reported an issue in the uverb handling of the InfiniBand\nsubsystem. A potential buffer overflow may allow local users to cause a\ndenial of service (memory corruption) by passing in a large cmd.ne value.\n\nCVE-2010-4656\nKees Cook reported an issue in the driver for I/O-Warrior USB devices.\nLocal users with access to these devices maybe able to overrun kernel\nbuffers, resulting in a denial of service or privilege escalation.\n\nCVE-2010-4668\nDan Rosenberg reported an issue in the block subsystem. A local user can\ncause a denial of service (kernel panic) by submitting certain 0-length I/O\nrequests.\n\nCVE-2011-0521\nDan Carpenter reported an issue in the DVB driver for AV7110 cards. Local\nusers can pass a negative info->num value, corrupting kernel memory and\ncausing a denial of service.\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.6.26-26lenny2.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2153-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202153-1\";\n\n\nif(description)\n{\n script_id(68992);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 16:04:02 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3699\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4242\", \"CVE-2010-4243\", \"CVE-2010-4248\", \"CVE-2010-4249\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2010-4649\", \"CVE-2010-4656\", \"CVE-2010-4668\", \"CVE-2011-0521\");\n script_name(\"Debian Security Advisory DSA 2153-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"26\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-486\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-4kc-malta\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-5kc-malta\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-686-bigmem\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-alpha\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-arm\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-armel\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-hppa\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-i386\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-ia64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-mips\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-mipsel\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-powerpc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-s390\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-all-sparc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-alpha-generic\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-alpha-legacy\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-alpha-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-common\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-common-openvz\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-common-vserver\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-common-xen\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-footbridge\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-iop32x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-itanium\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-ixp4xx\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-mckinley\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-openvz-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-openvz-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-orion5x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-parisc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-parisc-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-parisc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-parisc64-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-powerpc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-powerpc-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-powerpc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-r4k-ip22\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-r5k-cobalt\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-r5k-ip32\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-s390\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-s390x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-sparc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-sparc64-smp\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-versatile\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-itanium\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-mckinley\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-powerpc\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-s390x\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-vserver-sparc64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-xen-686\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-xen-amd64\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2-s390-tape\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"26-2\", ver:\"2.6.26-26lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1111-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 USN-1111-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1017", "CVE-2011-0521", "CVE-2010-4529", "CVE-2011-0695", "CVE-2010-4527", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4342", "CVE-2010-4164"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840638", "href": "http://plugins.openvas.org/nasl.php?oid=840638", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1111_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-source-2.6.15 USN-1111-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If\n a system was using X.25, a remote attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4164)\n\n Vegard Nossum discovered that memory garbage collection was not handled\n correctly for active sockets. A local attacker could exploit this to\n allocate all available kernel memory, leading to a denial of service.\n (CVE-2010-4249)\n \n Nelson Elhage discovered that the kernel did not correctly handle process\n cleanup after triggering a recoverable kernel bug. If a local attacker were\n able to trigger certain kinds of kernel bugs, they could create a specially\n crafted process to gain root privileges. (CVE-2010-4258)\n \n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n \n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n \n Dan Carpenter discovered that the TTPCI DVB driver did not check certain\n values during an ioctl. If the dvb-ttpci module was loaded, a local\n attacker could exploit this to crash the system, leading to a denial of\n service, or possibly gain root privileges. (CVE-2011-0521)\n \n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n \n Timo Warns discovered that the LDM disk partition handling code did not\n correctly handle certain values. By inserting a specially crafted disk\n device, a local attacker could exploit this to gain root privileges.\n (CVE-2011-1017)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1111-1\";\ntag_affected = \"linux-source-2.6.15 on Ubuntu 6.06 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1111-1/\");\n script_id(840638);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1111-1\");\n script_cve_id(\"CVE-2010-4164\", \"CVE-2010-4249\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-1017\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 USN-1111-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-386\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-686\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-generic\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-k8\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-server\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-xeon\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa32\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa32-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa64\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa64-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-itanium\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-itanium-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-k7\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-mckinley\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-mckinley-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-powerpc\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-powerpc-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-powerpc64-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server-bigiron\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-sparc64\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-sparc64-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:29", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1111-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 USN-1111-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1017", "CVE-2011-0521", "CVE-2010-4529", "CVE-2011-0695", "CVE-2010-4527", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4342", "CVE-2010-4164"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840638", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1111_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-source-2.6.15 USN-1111-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1111-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840638\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1111-1\");\n script_cve_id(\"CVE-2010-4164\", \"CVE-2010-4249\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-1017\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 USN-1111-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU6\\.06 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1111-1\");\n script_tag(name:\"affected\", value:\"linux-source-2.6.15 on Ubuntu 6.06 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If\n a system was using X.25, a remote attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4164)\n\n Vegard Nossum discovered that memory garbage collection was not handled\n correctly for active sockets. A local attacker could exploit this to\n allocate all available kernel memory, leading to a denial of service.\n (CVE-2010-4249)\n\n Nelson Elhage discovered that the kernel did not correctly handle process\n cleanup after triggering a recoverable kernel bug. If a local attacker were\n able to trigger certain kinds of kernel bugs, they could create a specially\n crafted process to gain root privileges. (CVE-2010-4258)\n\n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n\n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\n Dan Carpenter discovered that the TTPCI DVB driver did not check certain\n values during an ioctl. If the dvb-ttpci module was loaded, a local\n attacker could exploit this to crash the system, leading to a denial of\n service, or possibly gain root privileges. (CVE-2011-0521)\n\n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n\n Timo Warns discovered that the LDM disk partition handling code did not\n correctly handle certain values. By inserting a specially crafted disk\n device, a local attacker could exploit this to gain root privileges.\n (CVE-2011-1017)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-386\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-686\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-generic\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-k8\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-server\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-amd64-xeon\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa32\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa32-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa64\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-hppa64-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-itanium\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-itanium-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-k7\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-mckinley\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-mckinley-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-powerpc\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-powerpc-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-powerpc64-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server-bigiron\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-sparc64\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-sparc64-smp\", ver:\"2.6.15-57.97\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-13T20:26:54", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1133-1", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-1133-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4529", "CVE-2010-4527", "CVE-2011-0711", "CVE-2010-4342"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840663", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840663", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1133_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1133-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1133-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840663\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1133-1\");\n script_cve_id(\"CVE-2010-4342\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2011-0521\", \"CVE-2011-0711\");\n script_name(\"Ubuntu Update for linux USN-1133-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1133-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n\n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\n Dan Carpenter discovered that the TTPCI DVB driver did not check certain\n values during an ioctl. If the dvb-ttpci module was loaded, a local\n attacker could exploit this to crash the system, leading to a denial of\n service, or possibly gain root privileges. (CVE-2011-0521)\n\n Dan Rosenberg discovered that XFS did not correctly initialize memory. A\n local attacker could make crafted ioctl calls to leak portions of kernel\n stack memory, leading to a loss of privacy. (CVE-2011-0711)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-386\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-generic\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-hppa32\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-hppa64\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-itanium\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-lpia\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-lpiacompat\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-mckinley\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-openvz\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-powerpc\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-powerpc-smp\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-powerpc64-smp\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-rt\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-server\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-sparc64\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-sparc64-smp\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-virtual\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-xen\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:36", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1133-1", "cvss3": {}, "published": "2011-06-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-1133-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4529", "CVE-2010-4527", "CVE-2011-0711", "CVE-2010-4342"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840663", "href": "http://plugins.openvas.org/nasl.php?oid=840663", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1133_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux USN-1133-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n \n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n \n Dan Carpenter discovered that the TTPCI DVB driver did not check certain\n values during an ioctl. If the dvb-ttpci module was loaded, a local\n attacker could exploit this to crash the system, leading to a denial of\n service, or possibly gain root privileges. (CVE-2011-0521)\n \n Dan Rosenberg discovered that XFS did not correctly initialize memory. A\n local attacker could make crafted ioctl calls to leak portions of kernel\n stack memory, leading to a loss of privacy. (CVE-2011-0711)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1133-1\";\ntag_affected = \"linux on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1133-1/\");\n script_id(840663);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-03 09:20:26 +0200 (Fri, 03 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1133-1\");\n script_cve_id(\"CVE-2010-4342\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2011-0521\", \"CVE-2011-0711\");\n script_name(\"Ubuntu Update for linux USN-1133-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-386\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-generic\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-hppa32\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-hppa64\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-itanium\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-lpia\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-lpiacompat\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-mckinley\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-openvz\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-powerpc\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-powerpc-smp\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-powerpc64-smp\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-rt\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-server\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-sparc64\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-sparc64-smp\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-virtual\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-xen\", ver:\"2.6.24-29.89\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:02", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1105-1", "cvss3": {}, "published": "2011-04-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1105-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4346", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4164", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840632", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840632", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1105_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1105-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1105-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840632\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-11 15:05:25 +0200 (Mon, 11 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1105-1\");\n script_cve_id(\"CVE-2010-4075\", \"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4164\", \"CVE-2010-4242\", \"CVE-2010-4258\", \"CVE-2010-4346\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1105-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1105-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)\n\n Dan Rosenberg discovered that the socket filters did not correctly\n initialize structure memory. A local attacker could create malicious\n filters to read portions of kernel stack memory, leading to a loss of\n privacy. (CVE-2010-4158)\n\n Dan Rosenberg discovered that certain iovec operations did not calculate\n page counts correctly. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4162)\n\n Dan Rosenberg discovered that the SCSI subsystem did not correctly validate\n iov segments. A local attacker with access to a SCSI device could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2010-4163)\n\n Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing.\n If a system was using X.25, a remote attacker could exploit this to\n crash the system, leading to a denial of service. (CVE-2010-4164)\n\n Alan Cox discovered that the HCI UART driver did not correctly check if a\n write operation was available. A local attacker could exploit this flaw to\n gain root privileges. (CVE-2010-4242)\n\n Nelson Elhage discovered that the kernel did not correctly handle process\n cleanup after triggering a recoverable kernel bug. If a local attacker\n were able to trigger certain kinds of kernel bugs, they could create a\n specially crafted process to gain root privileges. (CVE-2010-4258)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-386\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-generic\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-openvz\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-rt\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-server\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-virtual\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-xen\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-386\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-generic\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-openvz\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-rt\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-server\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-virtual\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-xen\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-386\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-generic\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-server\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-virtual\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:26:50", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1105-1", "cvss3": {}, "published": "2011-04-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1105-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4346", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4164", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840632", "href": "http://plugins.openvas.org/nasl.php?oid=840632", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1105_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1105-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)\n\n Dan Rosenberg discovered that the socket filters did not correctly\n initialize structure memory. A local attacker could create malicious\n filters to read portions of kernel stack memory, leading to a loss of\n privacy. (CVE-2010-4158)\n \n Dan Rosenberg discovered that certain iovec operations did not calculate\n page counts correctly. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4162)\n \n Dan Rosenberg discovered that the SCSI subsystem did not correctly validate\n iov segments. A local attacker with access to a SCSI device could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2010-4163)\n \n Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing.\n If a system was using X.25, a remote attacker could exploit this to\n crash the system, leading to a denial of service. (CVE-2010-4164)\n \n Alan Cox discovered that the HCI UART driver did not correctly check if a\n write operation was available. A local attacker could exploit this flaw to\n gain root privileges. (CVE-2010-4242)\n \n Nelson Elhage discovered that the kernel did not correctly handle process\n cleanup after triggering a recoverable kernel bug. If a local attacker\n were able to trigger certain kinds of kernel bugs, they could create a\n specially crafted process to gain root privileges. (CVE-2010-4258)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1105-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1105-1/\");\n script_id(840632);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-11 15:05:25 +0200 (Mon, 11 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1105-1\");\n script_cve_id(\"CVE-2010-4075\", \"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4164\", \"CVE-2010-4242\", \"CVE-2010-4258\", \"CVE-2010-4346\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1105-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-386\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-generic\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-openvz\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-rt\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-server\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-virtual\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29-xen\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-386\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-generic\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-openvz\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-rt\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-server\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-virtual\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-29-xen\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-386\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-generic\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-server\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-29-virtual\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-29\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-29-386-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-29-generic-di\", ver:\"2.6.24-29.88\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:03", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1092-1", "cvss3": {}, "published": "2011-04-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4077", "CVE-2010-4076"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840618", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840618", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1092_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1092-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840618\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1092-1\");\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4242\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU6\\.06 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1092-1\");\n script_tag(name:\"affected\", value:\"linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4076, CVE-2010-4077)\n\n Dan Rosenberg discovered that the socket filters did not correctly\n initialize structure memory. A local attacker could create malicious\n filters to read portions of kernel stack memory, leading to a loss of\n privacy. (CVE-2010-4158)\n\n Dan Rosenberg discovered that certain iovec operations did not calculate\n page counts correctly. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4162)\n\n Dan Rosenberg discovered that the SCSI subsystem did not correctly validate\n iov segments. A local attacker with access to a SCSI device could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2010-4163)\n\n Alan Cox discovered that the HCI UART driver did not correctly check if a\n write operation was available. A local attacker could exploit this\n flaw to gain root privileges. (CVE-2010-4242)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-386\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-686\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-k7\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-server-bigiron\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-server\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-386\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-686\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-k7\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server-bigiron\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:27:32", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1092-1", "cvss3": {}, "published": "2011-04-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4077", "CVE-2010-4076"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840618", "href": "http://plugins.openvas.org/nasl.php?oid=840618", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1092_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4076, CVE-2010-4077)\n\n Dan Rosenberg discovered that the socket filters did not correctly\n initialize structure memory. A local attacker could create malicious\n filters to read portions of kernel stack memory, leading to a loss of\n privacy. (CVE-2010-4158)\n \n Dan Rosenberg discovered that certain iovec operations did not calculate\n page counts correctly. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4162)\n \n Dan Rosenberg discovered that the SCSI subsystem did not correctly validate\n iov segments. A local attacker with access to a SCSI device could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2010-4163)\n \n Alan Cox discovered that the HCI UART driver did not correctly check if a\n write operation was available. A local attacker could exploit this\n flaw to gain root privileges. (CVE-2010-4242)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1092-1\";\ntag_affected = \"linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1092-1/\");\n script_id(840618);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-01 15:34:04 +0200 (Fri, 01 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1092-1\");\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4242\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-386\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-686\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-k7\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-server-bigiron\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57-server\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-57\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-386\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-686\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-k7\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server-bigiron\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-57-server\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-57-386-di\", ver:\"2.6.15-57.94\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:33", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1089-1", "cvss3": {}, "published": "2011-03-24T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4175", "CVE-2010-4077", "CVE-2010-4076"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840614", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840614", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1089_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1089-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840614\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1089-1\");\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4175\", \"CVE-2010-4242\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU9\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1089-1\");\n script_tag(name:\"affected\", value:\"linux, linux-ec2 vulnerabilities on Ubuntu 9.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4076, CVE-2010-4077)\n\n Dan Rosenberg discovered that the socket filters did not correctly\n initialize structure memory. A local attacker could create malicious\n filters to read portions of kernel stack memory, leading to a loss of\n privacy. (CVE-2010-4158)\n\n Dan Rosenberg discovered that certain iovec operations did not calculate\n page counts correctly. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4162)\n\n Dan Rosenberg discovered that the SCSI subsystem did not correctly validate\n iov segments. A local attacker with access to a SCSI device could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2010-4163)\n\n Dan Rosenberg discovered that the RDS protocol did not correctly check\n ioctl arguments. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2010-4175)\n\n Alan Cox discovered that the HCI UART driver did not correctly check if\n a write operation was available. If the mmap_min-addr sysctl was changed\n from the Ubuntu default to a value of 0, a local attacker could exploit\n this flaw to gain root privileges. (CVE-2010-4242)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-308-ec2\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-308-ec2\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23-386\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23-generic-pae\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23-generic\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-386\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-generic-pae\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-generic\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-virtual\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-308\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:27:03", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1089-1", "cvss3": {}, "published": "2011-03-24T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4175", "CVE-2010-4077", "CVE-2010-4076"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840614", "href": "http://plugins.openvas.org/nasl.php?oid=840614", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1089_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4076, CVE-2010-4077)\n\n Dan Rosenberg discovered that the socket filters did not correctly\n initialize structure memory. A local attacker could create malicious\n filters to read portions of kernel stack memory, leading to a loss of\n privacy. (CVE-2010-4158)\n \n Dan Rosenberg discovered that certain iovec operations did not calculate\n page counts correctly. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4162)\n \n Dan Rosenberg discovered that the SCSI subsystem did not correctly validate\n iov segments. A local attacker with access to a SCSI device could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2010-4163)\n \n Dan Rosenberg discovered that the RDS protocol did not correctly check\n ioctl arguments. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2010-4175)\n \n Alan Cox discovered that the HCI UART driver did not correctly check if\n a write operation was available. If the mmap_min-addr sysctl was changed\n from the Ubuntu default to a value of 0, a local attacker could exploit\n this flaw to gain root privileges. (CVE-2010-4242)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1089-1\";\ntag_affected = \"linux, linux-ec2 vulnerabilities on Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1089-1/\");\n script_id(840614);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-24 14:29:52 +0100 (Thu, 24 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1089-1\");\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4175\", \"CVE-2010-4242\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-308-ec2\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-308-ec2\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23-386\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23-generic-pae\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23-generic\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-386\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-generic-pae\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-generic\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-23-virtual\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-308\", ver:\"2.6.31-308.28\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-23\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-23-generic-di\", ver:\"2.6.31-23.74\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1080-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840600", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1080-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1080-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840600\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1080-1\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1080-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1080-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n\n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n\n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-virtual\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:53", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-2", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840601", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_2.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1080-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840601\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1080-2\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1080-2\");\n script_tag(name:\"affected\", value:\"linux-ec2 vulnerabilities on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides\n the corresponding updates for the Linux kernel for use with EC2.\n\n Original advisory details:\n\n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n\n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n\n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:52", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1080-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840600", "href": "http://plugins.openvas.org/nasl.php?oid=840600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1080-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n \n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n \n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n \n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1080-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1080-1/\");\n script_id(840600);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1080-1\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1080-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-virtual\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:25", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-2", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840601", "href": "http://plugins.openvas.org/nasl.php?oid=840601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_2.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides\n the corresponding updates for the Linux kernel for use with EC2.\n\n Original advisory details:\n \n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n \n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n \n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n \n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1080-2\";\ntag_affected = \"linux-ec2 vulnerabilities on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1080-2/\");\n script_id(840601);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1080-2\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-13T20:25:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-18T00:00:00", "type": "openvas", "title": "RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4527", "CVE-2010-4655"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870396", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870396", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-February/msg00021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870396\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-18 15:15:05 +0100 (Fri, 18 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0263-01\");\n script_cve_id(\"CVE-2010-4527\", \"CVE-2010-4655\", \"CVE-2011-0521\");\n script_name(\"RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Red Hat Enterprise Linux 4.9 kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_4\");\n script_tag(name:\"affected\", value:\"Red Hat Enterprise Linux 4.9 kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A buffer overflow flaw was found in the load_mixer_volumes() function in\n the Linux kernel's Open Sound System (OSS) sound driver. On 64-bit PowerPC\n systems, a local, unprivileged user could use this flaw to cause a denial\n of service or escalate their privileges. (CVE-2010-4527, Important)\n\n * A missing boundary check was found in the dvb_ca_ioctl() function in the\n Linux kernel's av7110 module. On systems that use old DVB cards that\n require the av7110 module, a local, unprivileged user could use this flaw\n to cause a denial of service or escalate their privileges. (CVE-2011-0521,\n Important)\n\n * A missing initialization flaw was found in the ethtool_get_regs()\n function in the Linux kernel's ethtool IOCTL handler. A local user who has\n the CAP_NET_ADMIN capability could use this flaw to cause an information\n leak. (CVE-2010-4655, Low)\n\n Red Hat would like to thank Dan Rosenberg for reporting CVE-2010-4527, and\n Kees Cook for reporting CVE-2010-4655.\n\n These updated kernel packages also fix hundreds of bugs and add numerous\n enhancements. For details on individual bug fixes and enhancements included\n in this update, refer to the Red Hat Enterprise Linux 4.9 Release Notes,\n linked to in the References section.\n\n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues and add these enhancements. The system must\n be rebooted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:55:30", "description": "Check for the Version of Red Hat Enterprise Linux 4.9 kernel", "cvss3": {}, "published": "2011-02-18T00:00:00", "type": "openvas", "title": "RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4527", "CVE-2010-4655"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870396", "href": "http://plugins.openvas.org/nasl.php?oid=870396", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A buffer overflow flaw was found in the load_mixer_volumes() function in\n the Linux kernel's Open Sound System (OSS) sound driver. On 64-bit PowerPC\n systems, a local, unprivileged user could use this flaw to cause a denial\n of service or escalate their privileges. (CVE-2010-4527, Important)\n \n * A missing boundary check was found in the dvb_ca_ioctl() function in the\n Linux kernel's av7110 module. On systems that use old DVB cards that\n require the av7110 module, a local, unprivileged user could use this flaw\n to cause a denial of service or escalate their privileges. (CVE-2011-0521,\n Important)\n \n * A missing initialization flaw was found in the ethtool_get_regs()\n function in the Linux kernel's ethtool IOCTL handler. A local user who has\n the CAP_NET_ADMIN capability could use this flaw to cause an information\n leak. (CVE-2010-4655, Low)\n \n Red Hat would like to thank Dan Rosenberg for reporting CVE-2010-4527, and\n Kees Cook for reporting CVE-2010-4655.\n \n These updated kernel packages also fix hundreds of bugs and add numerous\n enhancements. For details on individual bug fixes and enhancements included\n in this update, refer to the Red Hat Enterprise Linux 4.9 Release Notes,\n linked to in the References section.\n \n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues and add these enhancements. The system must\n be rebooted for this update to take effect.\";\n\ntag_affected = \"Red Hat Enterprise Linux 4.9 kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-February/msg00021.html\");\n script_id(870396);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-18 15:15:05 +0100 (Fri, 18 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0263-01\");\n script_cve_id(\"CVE-2010-4527\", \"CVE-2010-4655\", \"CVE-2011-0521\");\n script_name(\"RedHat Update for Red Hat Enterprise Linux 4.9 kernel RHSA-2011:0263-01\");\n\n script_summary(\"Check for the Version of Red Hat Enterprise Linux 4.9 kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~100.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:30", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1081-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1081-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4649", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4342"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840599", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840599", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1081_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1081-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1081-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840599\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1081-1\");\n script_cve_id(\"CVE-2010-3698\", \"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4079\", \"CVE-2010-4083\", \"CVE-2010-4248\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1081-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1081-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n\n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the ivtv V4L driver did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n\n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n\n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit t ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.35-1027.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.35\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1081-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1081-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4649", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4342"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840599", "href": "http://plugins.openvas.org/nasl.php?oid=840599", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1081_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1081-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n\n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the ivtv V4L driver did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n \n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n \n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n \n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit t ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1081-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1081-1/\");\n script_id(840599);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1081-1\");\n script_cve_id(\"CVE-2010-3698\", \"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4079\", \"CVE-2010-4083\", \"CVE-2010-4248\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1081-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.35-1027.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.35\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-04T16:09:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0421-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4346", "CVE-2011-0695", "CVE-2011-1478", "CVE-2010-4656", "CVE-2010-3296", "CVE-2010-4526", "CVE-2011-0710", "CVE-2010-4648", "CVE-2011-0716", "CVE-2010-4655"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870731", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870731", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0421-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870731\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:56:40 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2010-3296\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4648\",\n \"CVE-2010-4655\", \"CVE-2010-4656\", \"CVE-2011-0521\", \"CVE-2011-0695\",\n \"CVE-2011-0710\", \"CVE-2011-0716\", \"CVE-2011-1478\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0421-01\");\n script_name(\"RedHat Update for kernel RHSA-2011:0421-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in the sctp_icmp_proto_unreachable() function in the\n Linux kernel's Stream Control Transmission Protocol (SCTP) implementation.\n A remote attacker could use this flaw to cause a denial of service.\n (CVE-2010-4526, Important)\n\n * A missing boundary check was found in the dvb_ca_ioctl() function in the\n Linux kernel's av7110 module. On systems that use old DVB cards that\n require the av7110 module, a local, unprivileged user could use this flaw\n to cause a denial of service or escalate their privileges. (CVE-2011-0521,\n Important)\n\n * A race condition was found in the way the Linux kernel's InfiniBand\n implementation set up new connections. This could allow a remote user to\n cause a denial of service. (CVE-2011-0695, Important)\n\n * A heap overflow flaw in the iowarrior_write() function could allow a\n user with access to an IO-Warrior USB device, that supports more than 8\n bytes per report, to cause a denial of service or escalate their\n privileges. (CVE-2010-4656, Moderate)\n\n * A flaw was found in the way the Linux Ethernet bridge implementation\n handled certain IGMP (Internet Group Management Protocol) packets. A local,\n unprivileged user on a system that has a network interface in an Ethernet\n bridge could use this flaw to crash that system. (CVE-2011-0716, Moderate)\n\n * A NULL pointer dereference flaw was found in the Generic Receive Offload\n (GRO) functionality in the Linux kernel's networking implementation. If\n both GRO and promiscuous mode were enabled on an interface in a virtual LAN\n (VLAN), it could result in a denial of service when a malformed VLAN frame\n is received on that interface. (CVE-2011-1478, Moderate)\n\n * A missing initialization flaw in the Linux kernel could lead to an\n information leak. (CVE-2010-3296, Low)\n\n * A missing security check in the Linux kernel's implementation of the\n install_special_mapping() function could allow a local, unprivileged user\n to bypass the mmap_min_addr protection mechanism. (CVE-2010-4346, Low)\n\n * A logic error in the orinoco_ioctl_set_auth() function in the Linux\n kernel's ORiNOCO wireless extensions support implementation could render\n TKIP countermeasures ineffective when it is enabled, as it enabled the card\n instead of shutting it down. (CVE-2010-4648, Low)\n\n * A missing initialization flaw was found in th ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:14", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0421-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4346", "CVE-2011-0695", "CVE-2011-1478", "CVE-2010-4656", "CVE-2010-3296", "CVE-2010-4526", "CVE-2011-0710", "CVE-2010-4648", "CVE-2011-0716", "CVE-2010-4655"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:870731", "href": "http://plugins.openvas.org/nasl.php?oid=870731", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0421-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in the sctp_icmp_proto_unreachable() function in the\n Linux kernel's Stream Control Transmission Protocol (SCTP) implementation.\n A remote attacker could use this flaw to cause a denial of service.\n (CVE-2010-4526, Important)\n\n * A missing boundary check was found in the dvb_ca_ioctl() function in the\n Linux kernel's av7110 module. On systems that use old DVB cards that\n require the av7110 module, a local, unprivileged user could use this flaw\n to cause a denial of service or escalate their privileges. (CVE-2011-0521,\n Important)\n\n * A race condition was found in the way the Linux kernel's InfiniBand\n implementation set up new connections. This could allow a remote user to\n cause a denial of service. (CVE-2011-0695, Important)\n\n * A heap overflow flaw in the iowarrior_write() function could allow a\n user with access to an IO-Warrior USB device, that supports more than 8\n bytes per report, to cause a denial of service or escalate their\n privileges. (CVE-2010-4656, Moderate)\n\n * A flaw was found in the way the Linux Ethernet bridge implementation\n handled certain IGMP (Internet Group Management Protocol) packets. A local,\n unprivileged user on a system that has a network interface in an Ethernet\n bridge could use this flaw to crash that system. (CVE-2011-0716, Moderate)\n\n * A NULL pointer dereference flaw was found in the Generic Receive Offload\n (GRO) functionality in the Linux kernel's networking implementation. If\n both GRO and promiscuous mode were enabled on an interface in a virtual LAN\n (VLAN), it could result in a denial of service when a malformed VLAN frame\n is received on that interface. (CVE-2011-1478, Moderate)\n\n * A missing initialization flaw in the Linux kernel could lead to an\n information leak. (CVE-2010-3296, Low)\n\n * A missing security check in the Linux kernel's implementation of the\n install_special_mapping() function could allow a local, unprivileged user\n to bypass the mmap_min_addr protection mechanism. (CVE-2010-4346, Low)\n\n * A logic error in the orinoco_ioctl_set_auth() function in the Linux\n kernel's ORiNOCO wireless extensions support implementation could render\n TKIP countermeasures ineffective when it is enabled, as it enabled the card\n instead of shutting it down. (CVE-2010-4648, Low)\n\n * A missing initialization flaw was found in th ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00007.html\");\n script_id(870731);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:56:40 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2010-3296\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4648\",\n \"CVE-2010-4655\", \"CVE-2010-4656\", \"CVE-2011-0521\", \"CVE-2011-0695\",\n \"CVE-2011-0710\", \"CVE-2011-0716\", \"CVE-2011-1478\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0421-01\");\n script_name(\"RedHat Update for kernel RHSA-2011:0421-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~71.24.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-08-04T16:01:30", "description": "Oracle Linux Local Security Checks ELSA-2011-0421", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0421", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4346", "CVE-2011-0695", "CVE-2011-1478", "CVE-2010-4656", "CVE-2010-3296", "CVE-2010-4526", "CVE-2011-0710", "CVE-2010-4648", "CVE-2011-0716", "CVE-2010-4655"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122198", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122198", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0421.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122198\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:41 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0421\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0421 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0421\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0421.html\");\n script_cve_id(\"CVE-2010-3296\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4648\", \"CVE-2010-4655\", \"CVE-2010-4656\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-0710\", \"CVE-2011-0716\", \"CVE-2011-1478\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.24.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-02-11T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-1138", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-4649", "CVE-2010-2963", "CVE-2011-0006", "CVE-2010-3698", "CVE-2010-4648", "CVE-2010-3880", "CVE-2010-2962"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862842", "href": "http://plugins.openvas.org/nasl.php?oid=862842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-1138\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053901.html\");\n script_id(862842);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-11 13:26:17 +0100 (Fri, 11 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1138\");\n script_cve_id(\"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4163\");\n script_name(\"Fedora Update for kernel FEDORA-2011-1138\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.11~83.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-11T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-1138", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-4649", "CVE-2010-2963", "CVE-2011-0006", "CVE-2010-3698", "CVE-2010-4648", "CVE-2010-3880", "CVE-2010-2962"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-1138\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053901.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862842\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-11 13:26:17 +0100 (Fri, 11 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1138\");\n script_cve_id(\"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4163\");\n script_name(\"Fedora Update for kernel FEDORA-2011-1138\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.11~83.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-08T14:23:48", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1141-1", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-1141-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4529", "CVE-2011-0695", "CVE-2011-1083", "CVE-2011-1012", "CVE-2010-4656", "CVE-2011-0463", "CVE-2010-4263", "CVE-2011-0712", "CVE-2011-1019", "CVE-2010-4243", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1010", "CVE-2011-1016", "CVE-2011-1082", "CVE-2011-0726", "CVE-2011-1182", "CVE-2010-4565"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840671", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840671", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1141_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1141-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1141-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840671\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1141-1\");\n script_cve_id(\"CVE-2010-4243\", \"CVE-2010-4263\", \"CVE-2010-4342\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2010-4656\", \"CVE-2011-0463\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-0712\", \"CVE-2011-0726\", \"CVE-2011-1010\", \"CVE-2011-1012\", \"CVE-2011-1013\", \"CVE-2011-1016\", \"CVE-2011-1019\", \"CVE-2011-1082\", \"CVE-2011-1083\", \"CVE-2011-1182\");\n script_name(\"Ubuntu Update for linux USN-1141-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1141-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Brad Spengler discovered that the kernel did not correctly account for\n userspace memory allocations during exec() calls. A local attacker could\n exploit this to consume all system memory, leading to a denial of service.\n (CVE-2010-4243)\n\n Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not\n correctly handle certain configurations. If such a device was configured\n without VLANs, a remote attacker could crash the system, leading to a\n denial of service. (CVE-2010-4263)\n\n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\n Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses\n into the /proc filesystem. A local attacker could use this to increase\n the chances of a successful memory corruption exploit. (CVE-2010-4565)\n\n Kees Cook discovered that the IOWarrior USB device driver did not\n correctly check certain size fields. A local attacker with physical\n access could plug in a specially crafted USB device to crash the system\n or potentially gain root privileges. (CVE-2010-4656)\n\n Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly\n clear memory when writing certain file holes. A local attacker could\n exploit this to read uninitialized data from the disk, leading to a loss\n of privacy. (CVE-2011-0463)\n\n Dan Carpenter discovered that the TTPCI DVB driver did not check certain\n values during an ioctl. If the dvb-ttpci module was loaded, a local\n attacker could exploit this to crash the system, leading to a denial of\n service, or possibly gain root privileges. (CVE-2011-0521)\n\n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n\n Rafael Dominguez Vega discovered that the caiaq Native Instruments USB\n driver did not correctly validate string lengths. A local attacker with\n physical access could plug in a specially crafted USB device to crash\n the system or potentially gain root privileges. (CVE-2011-0712)\n\n Kees Cook reported that /proc/pid/stat did not correctly filter certain\n memory locations. A local attacker could determine the mem ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-316-ec2\", ver:\"2.6.32-316.31\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-386\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-generic\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-generic-pae\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-ia64\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-lpia\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-powerpc\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-powerpc-smp\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-powerpc64-smp\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-preempt\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-server\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-sparc64\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-sparc64-smp\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-versatile\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-virtual\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:35", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1141-1", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-1141-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4529", "CVE-2011-0695", "CVE-2011-1083", "CVE-2011-1012", "CVE-2010-4656", "CVE-2011-0463", "CVE-2010-4263", "CVE-2011-0712", "CVE-2011-1019", "CVE-2010-4243", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1010", "CVE-2011-1016", "CVE-2011-1082", "CVE-2011-0726", "CVE-2011-1182", "CVE-2010-4565"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840671", "href": "http://plugins.openvas.org/nasl.php?oid=840671", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1141_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux USN-1141-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Brad Spengler discovered that the kernel did not correctly account for\n userspace memory allocations during exec() calls. A local attacker could\n exploit this to consume all system memory, leading to a denial of service.\n (CVE-2010-4243)\n\n Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not\n correctly handle certain configurations. If such a device was configured\n without VLANs, a remote attacker could crash the system, leading to a\n denial of service. (CVE-2010-4263)\n \n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n \n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n \n Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses\n into the /proc filesystem. A local attacker could use this to increase\n the chances of a successful memory corruption exploit. (CVE-2010-4565)\n \n Kees Cook discovered that the IOWarrior USB device driver did not\n correctly check certain size fields. A local attacker with physical\n access could plug in a specially crafted USB device to crash the system\n or potentially gain root privileges. (CVE-2010-4656)\n \n Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly\n clear memory when writing certain file holes. A local attacker could\n exploit this to read uninitialized data from the disk, leading to a loss\n of privacy. (CVE-2011-0463)\n \n Dan Carpenter discovered that the TTPCI DVB driver did not check certain\n values during an ioctl. If the dvb-ttpci module was loaded, a local\n attacker could exploit this to crash the system, leading to a denial of\n service, or possibly gain root privileges. (CVE-2011-0521)\n \n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n \n Rafael Dominguez Vega discovered that the caiaq Native Instruments USB\n driver did not correctly validate string lengths. A local attacker with\n physical access could plug in a specially crafted USB device to crash\n the system or potentially gain root privileges. (CVE-2011-0712)\n \n Kees Cook reported that /proc/pid/stat did not correctly filter certain\n memory locations. A local attacker could determine the mem ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1141-1\";\ntag_affected = \"linux on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1141-1/\");\n script_id(840671);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-06 16:56:27 +0200 (Mon, 06 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1141-1\");\n script_cve_id(\"CVE-2010-4243\", \"CVE-2010-4263\", \"CVE-2010-4342\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2010-4656\", \"CVE-2011-0463\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-0712\", \"CVE-2011-0726\", \"CVE-2011-1010\", \"CVE-2011-1012\", \"CVE-2011-1013\", \"CVE-2011-1016\", \"CVE-2011-1019\", \"CVE-2011-1082\", \"CVE-2011-1083\", \"CVE-2011-1182\");\n script_name(\"Ubuntu Update for linux USN-1141-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-316-ec2\", ver:\"2.6.32-316.31\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-386\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-generic\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-generic-pae\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-ia64\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-lpia\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-powerpc\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-powerpc-smp\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-powerpc64-smp\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-preempt\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-server\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-sparc64\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-sparc64-smp\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-versatile\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-32-virtual\", ver:\"2.6.32-32.62\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-10-09T15:25:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-06T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:020", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2011-1476", "CVE-2010-4668", "CVE-2010-3881", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2011-1478", "CVE-2011-1012", "CVE-2010-4251", "CVE-2010-4525", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4656", "CVE-2010-3876", "CVE-2011-0711", "CVE-2010-3850", "CVE-2010-4650", "CVE-2011-0712", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-4243", "CVE-2011-1163", "CVE-2010-3848", "CVE-2010-4648", "CVE-2011-0191", "CVE-2010-3880", "CVE-2010-4250", "CVE-2010-4342", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3699", "CVE-2011-1082", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-3849", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "modified": "2019-10-07T00:00:00", "id": "OPENVAS:1361412562310850165", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850165", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:020\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850165\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-05-06 16:22:00 +0200 (Fri, 06 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"SUSE-SA\", value:\"2011-020\");\n script_cve_id(\"CVE-2010-3699\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-3881\", \"CVE-2010-4075\", \"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4163\", \"CVE-2010-4243\", \"CVE-2010-4248\", \"CVE-2010-4250\", \"CVE-2010-4251\", \"CVE-2010-4342\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4525\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2010-4648\", \"CVE-2010-4649\", \"CVE-2010-4650\", \"CVE-2010-4656\", \"CVE-2010-4668\", \"CVE-2011-0191\", \"CVE-2011-0521\", \"CVE-2011-0711\", \"CVE-2011-0712\", \"CVE-2011-1010\", \"CVE-2011-1012\", \"CVE-2011-1082\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1182\", \"CVE-2011-1476\", \"CVE-2011-1477\", \"CVE-2011-1478\", \"CVE-2011-1493\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:020\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.3\");\n script_tag(name:\"impact\", value:\"remote denial of service\");\n script_tag(name:\"affected\", value:\"kernel on openSUSE 11.3\");\n script_tag(name:\"insight\", value:\"The openSUSE 11.3 kernel was updated to 2.6.34.8 to fix various bugs\n and security issues.\n\n The following security issues have been fixed:\n CVE-2011-1493: In the rose networking stack, when parsing the\n FAC_NATIONAL_DIGIS facilities field, it was possible for a remote\n host to provide more digipeaters than expected, resulting in heap\n corruption. Check against ROSE_MAX_DIGIS to prevent overflows,\n and abort facilities parsing on failure.\n\n CVE-2011-1182: Local attackers could send signals to their programs\n that looked like coming from the kernel, potentially gaining privileges\n in the context of setuid programs.\n\n CVE-2011-1082: The epoll subsystem in Linux did not prevent users\n from creating circular epoll file structures, potentially leading to\n a denial of service (kernel deadlock).\n\n CVE-2011-1478: An issue in the core GRO code where an skb belonging to\n an unknown VLAN is reused could result in a NULL pointer dereference.\n\n CVE-2011-1163: The code for evaluating OSF partitions (in\n fs/partitions/osf.c) contained a bug that leaks data from kernel heap\n memory to userspace for certain corrupted OSF partitions.\n\n CVE-2011-1012: The code for evaluating LDM partitions (in\n fs/partitions/ldm.c) contained a bug that could crash the kernel for\n certain corrupted LDM partitions.\n\n CVE-2011-1010: The code for evaluating Mac partitions (in\n fs/partitions/mac.c) contained a bug that could crash the kernel for\n certain corrupted Mac partitions.\n\n CVE-2011-1476: Specially crafted requests may be written to\n /dev/sequencer resulting in an underflow when calculating a size for a\n copy_from_user() operation in the driver for MIDI interfaces. On x86,\n this just returns an error, but it could have caused memory corruption\n on other architectures. Other malformed requests could have resulted\n in the use of uninitialized variables.\n\n CVE-2011-1477: Due to a failure to validate user-supplied indexes in\n the driver for Yamaha YM3812 and OPL-3 chips, a specially crafted\n ioctl request could have been sent to /dev/sequencer, resulting in\n reading and writing beyond the bounds of heap buffers, and potentially\n allowing privilege escalation.\n\n CVE-2011-0191: A information leak in the XFS geometry calls could be\n used by local attackers to gain access to kernel information.\n\n CVE-2011-1090: A page allocator issue in NFS v4 ACL handling that\n could lead to a denial of service (crash) was fixed.\n\n CVE-2010-3880: net/ipv4/inet_diag.c in the Linux kernel did not\n properly audit INET_DIAG bytecode, which allowed local users\n to cause a denial of service ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi-devel\", rpm:\"kernel-vmi-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_k2.6.34.8_0.2~19.1.19\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_k2.6.34.8_0.2~19.1.19\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-12T11:19:25", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-05-06T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:020", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2011-1476", "CVE-2010-4668", "CVE-2010-3881", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2011-1478", "CVE-2011-1012", "CVE-2010-4251", "CVE-2010-4525", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4656", "CVE-2010-3876", "CVE-2011-0711", "CVE-2010-3850", "CVE-2010-4650", "CVE-2011-0712", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-4243", "CVE-2011-1163", "CVE-2010-3848", "CVE-2010-4648", "CVE-2011-0191", "CVE-2010-3880", "CVE-2010-4250", "CVE-2010-4342", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3699", "CVE-2011-1082", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-3849", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850165", "href": "http://plugins.openvas.org/nasl.php?oid=850165", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:020\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The openSUSE 11.3 kernel was updated to 2.6.34.8 to fix various bugs\n and security issues.\n\n Following security issues have been fixed:\n CVE-2011-1493: In the rose networking stack, when parsing the\n FAC_NATIONAL_DIGIS facilities field, it was possible for a remote\n host to provide more digipeaters than expected, resulting in heap\n corruption. Check against ROSE_MAX_DIGIS to prevent overflows,\n and abort facilities parsing on failure.\n\n CVE-2011-1182: Local attackers could send signals to their programs\n that looked like coming from the kernel, potentially gaining privileges\n in the context of setuid programs.\n\n CVE-2011-1082: The epoll subsystem in Linux did not prevent users\n from creating circular epoll file structures, potentially leading to\n a denial of service (kernel deadlock).\n\n CVE-2011-1478: An issue in the core GRO code where an skb belonging to\n an unknown VLAN is reused could result in a NULL pointer dereference.\n\n CVE-2011-1163: The code for evaluating OSF partitions (in\n fs/partitions/osf.c) contained a bug that leaks data from kernel heap\n memory to userspace for certain corrupted OSF partitions.\n\n CVE-2011-1012: The code for evaluating LDM partitions (in\n fs/partitions/ldm.c) contained a bug that could crash the kernel for\n certain corrupted LDM partitions.\n\n CVE-2011-1010: The code for evaluating Mac partitions (in\n fs/partitions/mac.c) contained a bug that could crash the kernel for\n certain corrupted Mac partitions.\n\n CVE-2011-1476: Specially crafted requests may be written to\n /dev/sequencer resulting in an underflow when calculating a size for a\n copy_from_user() operation in the driver for MIDI interfaces. On x86,\n this just returns an error, but it could have caused memory corruption\n on other architectures. Other malformed requests could have resulted\n in the use of uninitialized variables.\n\n CVE-2011-1477: Due to a failure to validate user-supplied indexes in\n the driver for Yamaha YM3812 and OPL-3 chips, a specially crafted\n ioctl request could have been sent to /dev/sequencer, resulting in\n reading and writing beyond the bounds of heap buffers, and potentially\n allowing privilege escalation.\n\n CVE-2011-0191: A information leak in the XFS geometry calls could be\n used by local attackers to gain access to kernel information.\n\n CVE-2011-1090: A page allocator issue in NFS v4 ACL handling that\n could lead to a denial of service (crash) was fixed.\n\n CVE-2010-3880: net/ipv4/inet_diag.c in the Linux kernel did not\n properly audit INET_DIAG bytecode, which allowed local users\n to cause a denial of service ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"kernel on openSUSE 11.3\";\n\n\nif(description)\n{\n script_id(850165);\n script_version(\"$Revision: 8041 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 08:28:21 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-06 16:22:00 +0200 (Fri, 06 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2011-020\");\n script_cve_id(\"CVE-2010-3699\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-3881\", \"CVE-2010-4075\", \"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4163\", \"CVE-2010-4243\", \"CVE-2010-4248\", \"CVE-2010-4250\", \"CVE-2010-4251\", \"CVE-2010-4342\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4525\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2010-4648\", \"CVE-2010-4649\", \"CVE-2010-4650\", \"CVE-2010-4656\", \"CVE-2010-4668\", \"CVE-2011-0191\", \"CVE-2011-0521\", \"CVE-2011-0711\", \"CVE-2011-0712\", \"CVE-2011-1010\", \"CVE-2011-1012\", \"CVE-2011-1082\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1182\", \"CVE-2011-1476\", \"CVE-2011-1477\", \"CVE-2011-1478\", \"CVE-2011-1493\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:020\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.34.8~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.34.8~0.2.1\", rls:\"openSUSE11.3
[SECURITY] [DSA 2153-1] linux-2.6 security update
