Lucene search
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.FEDORA_2012-0861.NASLHistoryJan 25, 2012 - 12:00 a.m.
Fedora 15 : kernel-2.6.41.10-3.fc15 (2012-0861)
2012-01-2500:00:00
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.
www.tenable.com
95
Update to the 3.1.10 stable release (Fedora 2.6.41.10). Also fixes CVEs :
-
CVE-2012-0056
- CVE-2011-4127
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2012-0861.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(57673);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2011-4127", "CVE-2012-0056");
script_bugtraq_id(51176, 51625);
script_xref(name:"FEDORA", value:"2012-0861");
script_name(english:"Fedora 15 : kernel-2.6.41.10-3.fc15 (2012-0861)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Update to the 3.1.10 stable release (Fedora 2.6.41.10). Also fixes
CVEs :
- CVE-2012-0056
- CVE-2011-4127
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=728740"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=767351"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=769911"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=781625"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782681"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782686"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782687"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782961"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072399.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?08da26da"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected kernel package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'CANVAS');
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:15");
script_set_attribute(attribute:"patch_publication_date", value:"2012/01/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/25");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^15([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 15.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC15", reference:"kernel-2.6.41.10-3.fc15")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | kernel | p-cpe:/a:fedoraproject:fedora:kernel |
| fedoraproject | fedora | 15 | cpe:/o:fedoraproject:fedora:15 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0056
www.nessus.org/u?08da26da
bugzilla.redhat.com/show_bug.cgi?id=728740
bugzilla.redhat.com/show_bug.cgi?id=767351
bugzilla.redhat.com/show_bug.cgi?id=769911
bugzilla.redhat.com/show_bug.cgi?id=781625
bugzilla.redhat.com/show_bug.cgi?id=782681
bugzilla.redhat.com/show_bug.cgi?id=782686
bugzilla.redhat.com/show_bug.cgi?id=782687
bugzilla.redhat.com/show_bug.cgi?id=782961
Related
nessus
nessus
Fedora 16 : kernel-3.2.1-3.fc16 (2012-0876)
2012-01-25 00:00:00
Fedora 16 : libguestfs-1.14.8-1.fc16 (2011-17372)
2012-01-06 00:00:00
Amazon Linux AMI : kernel (ALAS-2012-34)
2013-09-04 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2011:1849 centos6
2012-07-30 00:00:00
Amazon Linux: Security Advisory (ALAS-2012-34)
2015-09-08 00:00:00
CentOS Update for kernel CESA-2011:1849 centos6
2012-07-30 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: libguestfs-1.10.12-1.fc15
2012-01-05 21:00:57
[SECURITY] Fedora 16 Update: libguestfs-1.14.8-1.fc16
2012-01-05 20:56:45
[SECURITY] Fedora 16 Update: kernel-3.2.1-3.fc16
2012-01-24 07:57:29
debiancve
debiancve
CVE-2011-4127
2012-07-03 16:40:00
veracode
veracode
Authorization Bypass
2020-04-10 01:03:58
Privilege Escalation
2020-04-10 01:06:51
cve
cve
CVE-2011-4127
2012-07-03 16:40:00
CVE-2012-0056
2012-01-27 15:55:00
prion
prion
Design/Logic Flaw
2012-07-03 16:40:00
Input validation
2012-01-27 15:55:00
seebug
seebug
Linux kernel 2.6.x 'SG_IO IOCTL' SCSIθ―·ζ±ζ¬ε°ηΉζζεζΌζ΄
2011-12-24 00:00:00
Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper
2014-07-01 00:00:00
Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2
2014-11-13 00:00:00
amazon
amazon
Medium: kernel
2012-01-06 10:19:00
oraclelinux
oraclelinux
kernel security and bug fix update
2011-12-22 00:00:00
kernel security and bug fix update
2012-01-23 00:00:00
qemu-kvm security, bug fix, and enhancement update
2012-01-23 00:00:00
ubuntucve
ubuntucve
CVE-2011-4127
2011-12-23 00:00:00
CVE-2012-0056
2012-01-19 00:00:00
myhack58
myhack58
redhat
redhat
(RHSA-2012:0061) Important: kernel-rt security update
2012-01-24 00:00:00
(RHSA-2012:0052) Important: kernel security and bug fix update
2012-01-23 00:00:00
chrome
chrome
Stable Channel Update for Chromebooks
2012-02-16 00:00:00
exploitpack
exploitpack
securityvulns
securityvulns
Linux privilege escalation
2012-02-08 00:00:00
[USN-1364-1] Linux kernel (OMAP4) vulnerabilities
2012-02-15 00:00:00
Linux kernel multiple security vulnerabilities
2012-02-15 00:00:00
ubuntu
ubuntu
Linux kernel (Oneiric backport) vulnerability
2012-01-26 00:00:00
Linux kernel vulnerabilities
2012-03-27 00:00:00
Linux kernel (EC2) vulnerabilities
2012-03-06 00:00:00
android
android
mempodroid - mempodripper - mem exploit
2012-01-24 00:00:00
canvas
canvas
Immunity Canvas: CVE_2012_0056
2012-01-27 15:55:00
thn
thn
CVE-2012-0056 Linux privilege escalation [Video Demonstration]
2012-01-28 19:55:00
cert
cert
Linux Kernel local privilege escalation via SUID /proc/pid/mem write
2012-01-27 00:00:00
centos
centos
kernel, perf, python security update
2012-01-24 20:01:50
kernel, perf, python security update
2011-12-23 09:04:53
qemu security update
2012-01-24 03:15:05
exploitdb
exploitdb
debian
debian
[SECURITY] [DSA 2389-1] linux-2.6 security update
2012-01-16 04:04:27
osv
osv
linux-2.6 - several
2012-01-15 00:00:00
suse
suse
Security update for Linux kernel (important)
2012-02-06 23:08:27
kernel update for SLE11 SP2 (important)
2012-04-26 20:08:43
Security update for the Linux Kernel (important)
2012-02-06 15:08:23
Related for FEDORA_2012-0861.NASL