Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2009-0923.NASL
HistoryApr 23, 2009 - 12:00 a.m.

Fedora 10 : kernel-2.6.27.12-170.2.5.fc10 (2009-0923)

2009-04-2300:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
92
JSON

Update to kernel 2.6.27.12:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update kernel is being tested.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2009-0923.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(38129);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2009-0029", "CVE-2009-0065");
  script_xref(name:"FEDORA", value:"2009-0923");

  script_name(english:"Fedora 10 : kernel-2.6.27.12-170.2.5.fc10 (2009-0923)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Update to kernel 2.6.27.12:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12
Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit
system call argument passing CVE-2009-0065 kernel: sctp: memory
overflow when FWD-TSN chunk is received with bad stream ID Reverts
ALSA driver to the version that is upstream in kernel 2.6.27. This
should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update
kernel is being tested.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9af5a301"
  );
  # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?bbb536f1"
  );
  # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?ddbb60cd"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=477954"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=478299"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=480862"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=480866"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2009-January/019442.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6a393669"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected kernel package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(20, 119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:10");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/01/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^10([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 10.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC10", reference:"kernel-2.6.27.12-170.2.5.fc10")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
fedoraprojectfedorakernelp-cpe:/a:fedoraproject:fedora:kernel
fedoraprojectfedora10cpe:/o:fedoraproject:fedora:10

Related

nessus 21
openvas 55
fedora 12
prion 2
cve 2
ubuntucve 2
seebug 2
exploitpack 1
checkpoint_advisories 1
veracode 1
redhat 4
exploitdb 1
suse 5
ubuntu 2
osv 3
oraclelinux 3
debian 3
centos 1
securityvulns 1
nessus
nessus
Fedora 9 : kernel-2.6.27.12-78.2.8.fc9 (2009-0816)
2009-01-27 00:00:00
RHEL 5 : kernel (RHSA-2009:1055)
2013-01-24 00:00:00
openSUSE Security Update : kernel (kernel-559)
2009-07-21 00:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-0923 (kernel)
2009-02-02 00:00:00
Fedora Core 10 FEDORA-2009-0923 (kernel)
2009-02-02 00:00:00
RedHat Security Advisory RHSA-2009:1055
2009-05-25 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: kernel-2.6.27.12-170.2.5.fc10
2009-01-27 01:48:27
[SECURITY] Fedora 9 Update: kernel-2.6.27.12-78.2.8.fc9
2009-01-27 01:54:28
[SECURITY] Fedora 10 Update: kernel-2.6.27.25-170.2.72.fc10
2009-06-24 19:18:18
prion
prion
Design/Logic Flaw
2009-01-15 17:30:00
Buffer overflow
2009-01-07 19:30:00
cve
cve
CVE-2009-0029
2009-01-15 17:30:00
CVE-2009-0065
2009-01-07 19:30:00
ubuntucve
ubuntucve
CVE-2009-0029
2009-01-15 00:00:00
CVE-2009-0065
2009-01-07 00:00:00
seebug
seebug
Linux Kernel 64 Bit ABI系统调用参数特权提升漏洞
2009-01-15 00:00:00
Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
2009-04-28 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.202.6.242.6.27_7-10 (Ubuntu 7.048.048.10 Fedora Core 10 OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Overflow
2009-04-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP FWD-TSN Handling Buffer Overflow (CVE-2009-0065)
2010-03-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:29:31
redhat
redhat
(RHSA-2009:1055) Important: kernel security and bug fix update
2009-05-19 00:00:00
(RHSA-2009:0331) Important: kernel security and bug fix update
2009-03-12 00:00:00
(RHSA-2009:0053) Important: kernel-rt security and bug fix update
2009-02-04 00:00:00
exploitdb
exploitdb
Linux Kernel 2.6.20/2.6.24/2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Overflow
2009-04-28 00:00:00
suse
suse
local privilege escalation in kernel
2009-02-26 17:06:24
remote denial of service in kernel
2009-04-03 13:04:01
remote denial of service in kernel
2009-04-03 14:20:16
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-04-07 00:00:00
Linux kernel vulnerabilities
2009-04-06 00:00:00
osv
osv
linux-2.6 - several vulnerabilities
2009-03-20 00:00:00
linux-2.6 - multiple vulnerabilities
2009-05-06 00:00:00
linux-2.6.24 - several vulnerabilities
2009-05-02 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-03-12 00:00:00
kernel security update
2009-02-11 00:00:00
Oracle Enterprise Linux 5.4 kernel security and bug fix update
2009-09-08 00:00:00
debian
debian
[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-03-20 20:55:47
[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-05-06 23:23:13
[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-05-02 18:33:03
centos
centos
kernel security update
2009-04-20 18:25:50
securityvulns
securityvulns
[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-05-04 00:00:00
JSON
Related for FEDORA_2009-0923.NASL
nessus21openvas55fedora12prion2cve2ubuntucve2seebug2exploitpack1checkpoint_advisories1veracode1redhat4exploitdb1suse5ubuntu2osv3oraclelinux3debian3centos1securityvulns1