Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2010-14890.NASL
HistorySep 21, 2010 - 12:00 a.m.

Fedora 13 : kernel-2.6.34.7-56.fc13 (2010-14890)

2010-09-2100:00:00
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
66
JSON

  • Fix possible local privilege escalation on x86_64 systems (CVE-2010-3081, CVE-2010-3301).

    • Mitigate denial of service attack with large argument lists.

    • Fix possible hang on suspend introduced in 2.6.34.6-54

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2010-14890.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(49297);
  script_version("1.26");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2010-2954", "CVE-2010-2960", "CVE-2010-3067", "CVE-2010-3079", "CVE-2010-3080", "CVE-2010-3081", "CVE-2010-3301");
  script_bugtraq_id(42900, 42932, 43062, 43239);
  script_xref(name:"FEDORA", value:"2010-14890");

  script_name(english:"Fedora 13 : kernel-2.6.34.7-56.fc13 (2010-14890)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"  - Fix possible local privilege escalation on x86_64
    systems (CVE-2010-3081, CVE-2010-3301).

    - Mitigate denial of service attack with large argument
      lists.

    - Fix possible hang on suspend introduced in 2.6.34.6-54

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=627440"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=628770"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=629441"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=630551"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=631623"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=634449"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=634457"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/047943.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?836d9283"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected kernel package."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/09/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/21");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^13([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC13", reference:"kernel-2.6.34.7-56.fc13")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
fedoraprojectfedorakernelp-cpe:/a:fedoraproject:fedora:kernel
fedoraprojectfedora13cpe:/o:fedoraproject:fedora:13

Related

nessus 50
openvas 64
fedora 9
slackware 1
ubuntu 6
debian 1
osv 1
securityvulns 2
suse 10
redhat 10
oraclelinux 6
seebug 3
prion 8
cve 8
ubuntucve 8
veracode 5
vmware 1
centos 4
checkpoint_advisories 1
kitploit 1
nessus
nessus
Fedora 12 : kernel-2.6.32.21-168.fc12 (2010-14878)
2010-09-21 00:00:00
Fedora 14 : kernel-2.6.35.4-28.fc14 (2010-14832)
2010-09-22 00:00:00
RHEL 5 : kernel (RHSA-2010:0705)
2013-01-24 00:00:00
openvas
openvas
Fedora Update for kernel FEDORA-2010-14832
2010-12-02 00:00:00
Fedora Update for kernel FEDORA-2010-14832
2010-12-02 00:00:00
Fedora Update for kernel FEDORA-2010-14890
2010-09-22 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.4-28.fc14
2010-09-22 04:10:26
[SECURITY] Fedora 13 Update: kernel-2.6.34.7-56.fc13
2010-09-21 01:30:38
[SECURITY] Fedora 12 Update: kernel-2.6.32.21-168.fc12
2010-09-21 01:38:22
slackware
slackware
[slackware-security] 64-bit kernel
2010-09-22 20:27:24
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-09-17 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-04-20 00:00:00
Linux kernel vulnerabilities
2010-10-19 00:00:00
debian
debian
[SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues
2010-09-17 15:45:07
osv
osv
linux-2.6 - several issues
2010-09-17 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues
2010-09-20 00:00:00
Linux kernel multiple security vulnerabilities
2010-09-20 00:00:00
suse
suse
local privilege escalation in kernel
2010-10-13 18:00:32
local privilege escalation in kernel
2010-09-23 16:37:53
local privilege escalation in kernel
2010-09-23 16:30:19
redhat
redhat
(RHSA-2010:0758) Important: kernel-rt security and bug fix update
2010-10-07 00:00:00
(RHSA-2010:0718) Important: kernel security update
2010-09-28 00:00:00
(RHSA-2010:0705) Important: kernel security update
2010-09-21 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2010-10-20 00:00:00
kernel security update
2010-09-21 00:00:00
kernel security update
2010-09-28 00:00:00
seebug
seebug
Linux kernel 2.6.x irda_bind()ε―Ήθ±‘ζΈ…ι™€η©ΊζŒ‡ι’ˆεΌ•η”¨ζΌζ΄ž
2010-09-06 00:00:00
Linux kernel 2.6.x keyctl_session_to_parent()ε‡½ζ•°η©ΊζŒ‡ι’ˆεΌ•η”¨ζΌζ΄ž
2010-09-06 00:00:00
Linux kernel 2.6.x do_io_submit()ε‡½ζ•°ζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2010-09-30 00:00:00
prion
prion
Null pointer dereference
2010-09-03 20:00:00
Null pointer dereference
2010-09-08 20:00:00
Integer overflow
2010-09-21 18:00:00
cve
cve
CVE-2010-2954
2010-09-03 20:00:00
CVE-2010-2960
2010-09-08 20:00:00
CVE-2010-3067
2010-09-21 18:00:00
ubuntucve
ubuntucve
CVE-2010-2954
2010-09-03 00:00:00
CVE-2010-3067
2010-09-21 00:00:00
CVE-2010-2960
2010-09-08 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:48:23
Denial Of Service (DoS)
2020-04-10 00:56:44
Denial Of Service (DoS)
2020-04-10 00:50:03
vmware
vmware
VMware ESX third party update for Service Console kernel
2010-11-29 00:00:00
centos
centos
kernel security update
2010-09-21 16:08:22
kernel security update
2010-09-29 09:53:01
kernel security update
2010-10-25 12:15:54
checkpoint_advisories
checkpoint_advisories
Linux Kernel x86-64 IA32SysCall Privilege Escalation (CVE-2010-3301)
2016-09-05 00:00:00
kitploit
kitploit
[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits
2013-08-29 00:48:00
JSON
Related for FEDORA_2010-14890.NASL
nessus50openvas64fedora9slackware1ubuntu6debian1osv1securityvulns2suse10redhat10oraclelinux6seebug3prion8cve8ubuntucve8veracode5vmware1centos4checkpoint_advisories1kitploit1