Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2766.NASL
HistorySep 30, 2013 - 12:00 a.m.

Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak

2013-09-3000:00:00
This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
JSON

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :

  • CVE-2013-2141 Emese Revfy provided a fix for an information leak in the tkill and tgkill system calls. A local user on a 64-bit system may be able to gain access to sensitive memory contents.

  • CVE-2013-2164 Jonathan Salwan reported an information leak in the CD-ROM driver. A local user on a system with a malfunctioning CD-ROM drive could gain access to sensitive memory.

  • CVE-2013-2206 Karl Heiss reported an issue in the Linux SCTP implementation. A remote user could cause a denial of service (system crash).

  • CVE-2013-2232 Dave Jones and Hannes Frederic Sowa resolved an issue in the IPv6 subsystem. Local users could cause a denial of service by using an AF_INET6 socket to connect to an IPv4 destination.

  • CVE-2013-2234 Mathias Krause reported a memory leak in the implementation of PF_KEYv2 sockets. Local users could gain access to sensitive kernel memory.

  • CVE-2013-2237 Nicolas Dichtel reported a memory leak in the implementation of PF_KEYv2 sockets. Local users could gain access to sensitive kernel memory.

  • CVE-2013-2239 Jonathan Salwan discovered multiple memory leaks in the openvz kernel flavor. Local users could gain access to sensitive kernel memory.

  • CVE-2013-2851 Kees Cook reported an issue in the block subsystem.
    Local users with uid 0 could gain elevated ring 0 privileges. This is only a security issue for certain specially configured systems.

  • CVE-2013-2852 Kees Cook reported an issue in the b43 network driver for certain Broadcom wireless devices. Local users with uid 0 could gain elevated ring 0 privileges. This is only a security issue for certain specially configured systems.

  • CVE-2013-2888 Kees Cook reported an issue in the HID driver subsystem.
    A local user, with the ability to attach a device, could cause a denial of service (system crash).

  • CVE-2013-2892 Kees Cook reported an issue in the pantherlord HID device driver. Local users with the ability to attach a device could cause a denial of service or possibly gain elevated privileges.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-2766. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70200);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2013-2141", "CVE-2013-2164", "CVE-2013-2206", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2237", "CVE-2013-2239", "CVE-2013-2851", "CVE-2013-2852", "CVE-2013-2888", "CVE-2013-2892");
  script_bugtraq_id(60254, 60375, 60409, 60410, 60715, 60874, 60893, 60953, 60977, 62043, 62049);
  script_xref(name:"DSA", value:"2766");

  script_name(english:"Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, information leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems :

  - CVE-2013-2141
    Emese Revfy provided a fix for an information leak in
    the tkill and tgkill system calls. A local user on a
    64-bit system may be able to gain access to sensitive
    memory contents.

  - CVE-2013-2164
    Jonathan Salwan reported an information leak in the
    CD-ROM driver. A local user on a system with a
    malfunctioning CD-ROM drive could gain access to
    sensitive memory.

  - CVE-2013-2206
    Karl Heiss reported an issue in the Linux SCTP
    implementation. A remote user could cause a denial of
    service (system crash).

  - CVE-2013-2232
    Dave Jones and Hannes Frederic Sowa resolved an issue in
    the IPv6 subsystem. Local users could cause a denial of
    service by using an AF_INET6 socket to connect to an
    IPv4 destination.

  - CVE-2013-2234
    Mathias Krause reported a memory leak in the
    implementation of PF_KEYv2 sockets. Local users could
    gain access to sensitive kernel memory.

  - CVE-2013-2237
    Nicolas Dichtel reported a memory leak in the
    implementation of PF_KEYv2 sockets. Local users could
    gain access to sensitive kernel memory.

  - CVE-2013-2239
    Jonathan Salwan discovered multiple memory leaks in the
    openvz kernel flavor. Local users could gain access to
    sensitive kernel memory.

  - CVE-2013-2851
    Kees Cook reported an issue in the block subsystem.
    Local users with uid 0 could gain elevated ring 0
    privileges. This is only a security issue for certain
    specially configured systems.

  - CVE-2013-2852
    Kees Cook reported an issue in the b43 network driver
    for certain Broadcom wireless devices. Local users with
    uid 0 could gain elevated ring 0 privileges. This is
    only a security issue for certain specially configured
    systems.

  - CVE-2013-2888
    Kees Cook reported an issue in the HID driver subsystem.
    A local user, with the ability to attach a device, could
    cause a denial of service (system crash).

  - CVE-2013-2892
    Kees Cook reported an issue in the pantherlord HID
    device driver. Local users with the ability to attach a
    device could cause a denial of service or possibly gain
    elevated privileges."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2141"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2164"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2206"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2232"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2234"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2237"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2239"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2851"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2852"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2888"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2013-2892"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/squeeze/linux-2.6"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2013/dsa-2766"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the linux-2.6 and user-mode-linux packages.

For the oldstable distribution (squeeze), this problem has been fixed
in version 2.6.32-48squeeze4.

The following matrix lists additional source packages that were
rebuilt for compatibility with or to take advantage of this update :

                          Debian 6.0 (squeeze)     
  user-mode-linux          2.6.32-1um-4+48squeeze4  
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or 'leap-frog' fashion."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-2.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/09/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/30");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"6.0", prefix:"firmware-linux-free", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-base", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-doc-2.6.32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-486", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-4kc-malta", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-5kc-malta", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-686-bigmem", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-armel", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-i386", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-ia64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-mips", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-mipsel", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-powerpc", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-s390", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-all-sparc", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common-openvz", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common-vserver", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-common-xen", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-iop32x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-itanium", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-ixp4xx", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-kirkwood", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-mckinley", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-openvz-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-openvz-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-orion5x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-powerpc", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-powerpc-smp", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-powerpc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-r4k-ip22", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-r5k-cobalt", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-r5k-ip32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-s390x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sb1-bcm91250a", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sb1a-bcm91480b", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sparc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-sparc64-smp", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-versatile", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-686-bigmem", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-itanium", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-mckinley", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-powerpc", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-powerpc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-s390x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-vserver-sparc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-xen-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-headers-2.6.32-5-xen-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-486", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-4kc-malta", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-5kc-malta", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-686-bigmem", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-686-bigmem-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-amd64-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-iop32x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-itanium", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-ixp4xx", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-kirkwood", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-mckinley", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-686-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-openvz-amd64-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-orion5x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-powerpc", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-powerpc-smp", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-powerpc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-r4k-ip22", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-r5k-cobalt", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-r5k-ip32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-s390x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-s390x-tape", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sb1-bcm91250a", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sb1a-bcm91480b", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sparc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-sparc64-smp", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-versatile", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-686-bigmem", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-686-bigmem-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-amd64-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-itanium", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-mckinley", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-powerpc", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-powerpc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-s390x", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-vserver-sparc64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-686-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-amd64", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-image-2.6.32-5-xen-amd64-dbg", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-libc-dev", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-manual-2.6.32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-patch-debian-2.6.32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-source-2.6.32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-support-2.6.32-5", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"linux-tools-2.6.32", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"xen-linux-system-2.6.32-5-xen-686", reference:"2.6.32-48squeeze4")) flag++;
if (deb_check(release:"6.0", prefix:"xen-linux-system-2.6.32-5-xen-amd64", reference:"2.6.32-48squeeze4")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxlinux-2.6p-cpe:/a:debian:debian_linux:linux-2.6
debiandebian_linux6.0cpe:/o:debian:debian_linux:6.0

References

Related

osv 2
openvas 67
debian 2
nessus 46
ubuntu 17
oraclelinux 8
threatpost 1
centos 3
mageia 7
redhat 5
veracode 15
suse 5
vmware 1
securityvulns 4
fedora 3
cve 4
redhatcve 1
prion 3
debiancve 3
altlinux 1
ubuntucve 1
osv
osv
linux-2.6 - several
2013-09-27 00:00:00
linux - several
2013-08-28 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2766-1)
2013-09-26 00:00:00
Debian Security Advisory DSA 2766-1 (linux-2.6 - privilege escalation/denial of service/information leak)
2013-09-27 00:00:00
Ubuntu Update for linux USN-1912-1
2013-08-08 00:00:00
debian
debian
[SECURITY] [DSA 2766-1] linux-2.6 security update
2013-09-27 23:24:29
[SECURITY] [DSA 2745-1] linux security update
2013-08-29 05:16:38
nessus
nessus
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1912-1)
2013-07-30 00:00:00
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1913-1)
2013-07-30 00:00:00
Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2542)
2013-08-30 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-07-29 00:00:00
Linux kernel (EC2) vulnerabilities
2013-07-29 00:00:00
Linux kernel vulnerabilities
2013-09-06 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2013-08-21 00:00:00
kernel security and bug fix update
2013-08-21 00:00:00
unbreakable enterprise kernel security update
2013-08-28 00:00:00
threatpost
threatpost
Linux Kernel Update Fixes DoS, Leakage Bugs
2013-09-30 16:35:10
centos
centos
kernel security update
2013-08-21 14:07:08
kernel, perf, python security update
2013-08-28 19:03:34
kernel, perf, python security update
2013-11-26 13:32:01
mageia
mageia
Updated kernel-tmb packages fix multiple security vulnerabilities
2013-07-16 12:01:28
Updated kernel packages fix multiple security vulnerabilities
2013-07-09 21:56:42
Updated kernel packages fix multiple security vulnerabilities
2013-07-06 18:25:03
redhat
redhat
(RHSA-2013:1166) Important: kernel security and bug fix update
2013-08-20 00:00:00
(RHSA-2013:1264) Important: kernel-rt security and bug fix update
2013-09-16 00:00:00
(RHSA-2013:1195) Important: kernel security and bug fix update
2013-09-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:52:18
Denial Of Service (DoS)
2019-05-02 04:52:19
Information Disclosure
2019-05-02 04:52:18
suse
suse
Security update for Linux kernel (important)
2013-09-21 00:04:17
Security update for Linux kernel (important)
2013-09-21 01:04:16
Security update for Real Time Linux Kernel (important)
2013-11-22 05:04:54
vmware
vmware
VMware ESX updates to third party libraries
2013-12-05 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:194 ] kernel
2013-07-15 00:00:00
USN-1976-1] Linux kernel vulnerabilities
2013-10-01 00:00:00
[USN-1998-1] Linux kernel vulnerabilities
2013-10-28 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: kernel-3.9.5-301.fc19
2013-06-14 04:52:17
[SECURITY] Fedora 19 Update: kernel-3.9.9-302.fc19
2013-07-14 03:30:56
[SECURITY] Fedora 19 Update: kernel-3.10.3-300.fc19
2013-07-26 22:59:37
cve
cve
CVE-2013-2239
2013-11-12 14:35:00
CVE-2013-2206
2013-07-04 21:55:00
CVE-2013-2141
2013-06-07 14:03:00
redhatcve
redhatcve
CVE-2013-2239
2015-10-30 09:42:30
prion
prion
Design/Logic Flaw
2013-11-12 14:35:00
Null pointer dereference
2013-07-04 21:55:00
Design/Logic Flaw
2013-06-07 14:03:00
debiancve
debiancve
CVE-2013-2239
2013-11-12 14:35:00
CVE-2013-2234
2013-07-04 21:55:00
CVE-2013-2141
2013-06-07 14:03:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt11
2013-08-30 00:00:00
ubuntucve
ubuntucve
CVE-2013-2141
2013-06-04 00:00:00
JSON
Related for DEBIAN_DSA-2766.NASL
osv2openvas67debian2nessus46ubuntu17oraclelinux8threatpost1centos3mageia7redhat5veracode15suse5vmware1securityvulns4fedora3cve4redhatcve1prion3debiancve3altlinux1ubuntucve1