Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.FEDORA_2009-9044.NASL
HistoryAug 27, 2009 - 12:00 a.m.

Fedora 11 : kernel-2.6.29.6-217.2.16.fc11 (2009-9044)

2009-08-2700:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
20
JSON

Security fixes: - CVE-2009-2691: Information disclosure in proc filesystem - CVE-2009-2848: execve: must clear current->child_tid - CVE-2009-2849: md: NULL pointer dereference - CVE-2009-2847:
Information leak in do_sigaltstack Restore missing LIRC drivers, dropped in previous release. Backport upstream fixes that further improve the security of mmap of low addresses. (CVE-2009-2695)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2009-9044.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40780);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2009-2691", "CVE-2009-2695", "CVE-2009-2847", "CVE-2009-2848", "CVE-2009-2849");
  script_bugtraq_id(35930);
  script_xref(name:"FEDORA", value:"2009-9044");

  script_name(english:"Fedora 11 : kernel-2.6.29.6-217.2.16.fc11 (2009-9044)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Security fixes: - CVE-2009-2691: Information disclosure in proc
filesystem - CVE-2009-2848: execve: must clear current->child_tid -
CVE-2009-2849: md: NULL pointer dereference - CVE-2009-2847:
Information leak in do_sigaltstack Restore missing LIRC drivers,
dropped in previous release. Backport upstream fixes that further
improve the security of mmap of low addresses. (CVE-2009-2695)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=515392"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=515423"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=516171"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=517830"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=518132"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/028526.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9633f9a4"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected kernel package."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(119, 200);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/08/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^11([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 11.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC11", reference:"kernel-2.6.29.6-217.2.16.fc11")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
fedoraprojectfedorakernelp-cpe:/a:fedoraproject:fedora:kernel
fedoraprojectfedora11cpe:/o:fedoraproject:fedora:11

Related

nessus 41
redhat 12
openvas 77
osv 4
securityvulns 3
debian 4
fedora 12
oraclelinux 6
centos 5
prion 5
veracode 5
cve 5
seebug 4
ubuntucve 5
ubuntu 1
suse 3
vmware 7
nessus
nessus
RHEL 5 : kernel (RHSA-2009:1466)
2013-01-24 00:00:00
Debian DSA-1872-1 : linux-2.6 - denial of service/privilege escalation/information leak
2010-02-24 00:00:00
RHEL 4 : kernel (RHSA-2009:1438)
2009-09-16 00:00:00
redhat
redhat
(RHSA-2009:1466) Important: kernel security and bug fix update
2009-09-29 00:00:00
(RHSA-2009:1239) Important: kernel-rt security and bug fix update
2009-09-01 00:00:00
(RHSA-2009:1455) Moderate: kernel security and bug fix update
2009-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 1872-1 (linux-2.6)
2009-09-02 00:00:00
Debian: Security Advisory (DSA-1872-1)
2009-09-02 00:00:00
Fedora Core 11 FEDORA-2009-9044 (kernel)
2009-09-02 00:00:00
osv
osv
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2009-08-24 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6.24 - several vulnerabilities
2010-02-27 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1872-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-08-25 00:00:00
Linux kernel multiple security vulnerabilities
2009-08-25 00:00:00
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 00:00:00
debian
debian
[SECURITY] [DSA 1872-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-08-24 18:59:41
[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-11-05 22:03:48
[SECURITY] [DSA 2004-1] New Linux 2.6.24 packages fix several vulnerabilities
2010-03-01 03:53:30
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.29.6-217.2.16.fc11
2009-08-27 02:19:22
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-90.fc11
2009-10-27 06:48:07
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-96.fc11
2009-11-06 00:03:20
oraclelinux
oraclelinux
kernel security and bug fix update
2009-09-15 00:00:00
kernel security and bug fix update
2009-09-30 00:00:00
kernel security and bug fix update
2009-11-03 00:00:00
centos
centos
kernel security update
2009-09-16 03:38:30
kernel security update
2009-10-30 14:43:51
kernel security update
2009-09-15 18:17:47
prion
prion
Null pointer dereference
2009-08-18 21:00:00
Race condition
2009-08-14 15:16:00
Memory corruption
2009-08-18 21:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:35:41
Denial Of Service (DoS)
2020-04-10 00:36:58
Information Disclosure
2020-04-10 00:40:00
cve
cve
CVE-2009-2848
2009-08-18 21:00:00
CVE-2009-2849
2009-08-18 21:00:00
CVE-2009-2691
2009-08-14 15:16:00
seebug
seebug
Linux kernel md驱动本地拒绝服务漏洞
2009-08-21 00:00:00
Linux Kernel 'fs/proc/base.c'本地信息泄漏漏洞
2009-08-12 00:00:00
Linux kernel execve函数本地拒绝服务漏洞
2009-08-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-2849
2009-08-18 00:00:00
CVE-2009-2691
2009-08-10 00:00:00
CVE-2009-2848
2009-08-18 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
suse
suse
local privilege escalation in kernel
2009-11-11 17:52:30
local privilege escalation in kernel
2009-11-16 13:03:36
local privilege escalation, remote denial of in kernel
2010-02-15 16:54:24
vmware
vmware
ESX 3.5 third party update for Service Console kernel
2010-06-24 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
JSON
Related for FEDORA_2009-9044.NASL
nessus41redhat12openvas77osv4securityvulns3debian4fedora12oraclelinux6centos5prion5veracode5cve5seebug4ubuntucve5ubuntu1suse3vmware7