Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.GENTOO_GLSA-200407-16.NASL
HistoryAug 30, 2004 - 12:00 a.m.

GLSA-200407-16 : Linux Kernel: Multiple DoS and permission vulnerabilities

2004-08-3000:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26
JSON

The remote host is affected by the vulnerability described in GLSA-200407-16 (Linux Kernel: Multiple DoS and permission vulnerabilities)

The Linux kernel allows a local attacker to mount a remote file system     on a vulnerable Linux host and modify files' group IDs. On 2.4 series     kernels this vulnerability only affects shared NFS file systems. This     vulnerability has been assigned CAN-2004-0497 by the Common     Vulnerabilities and Exposures project.
Also, a flaw in the handling of /proc attributes has been found in 2.6     series kernels; allowing the unauthorized modification of /proc     entries, especially those which rely solely on file permissions for     security to vital kernel parameters.
An issue specific to the VServer Linux sources has been found, by which     /proc related changes in one virtual context are applied to other     contexts as well, including the host system.
CAN-2004-0447 resolves a local DoS vulnerability on IA64 platforms     which can cause unknown behaviour and CAN-2004-0565 resolves a floating     point information leak on IA64 platforms by which registers of other     processes can be read by a local user.
Finally, CAN-2004-0496 addresses some more unknown vulnerabilities in     2.6 series Linux kernels older than 2.6.7 which were found by the     Sparse source code checking tool.

Impact :

Bad Group IDs can possibly cause a Denial of Service on parts of a host     if the changed files normally require a special GID to properly     operate. By exploiting this vulnerability, users in the original file     group would also be blocked from accessing the changed files.
The /proc attribute vulnerability allows local users with previously no     permissions to certain /proc entries to exploit the vulnerability and     then gain read, write and execute access to entries.
These new privileges can be used to cause unknown behaviour ranging     from reduced system performance to a Denial of Service by manipulating     various kernel options which are usually reserved for the superuser.
This flaw might also be used for opening restrictions set through /proc     entries, allowing further attacks to take place through another     possibly unexpected attack vector.
The VServer issue can also be used to induce similar unexpected     behaviour to other VServer contexts, including the host. By successful     exploitation, a Denial of Service for other contexts can be caused     allowing only root to read certain /proc entries. Such a change would     also be replicated to other contexts, forbidding normal users on those     contexts to read /proc entries which could contain details needed by     daemons running as a non-root user, for example.
Additionally, this vulnerability allows an attacker to read information     from another context, possibly hosting a different server, gaining     critical information such as what processes are running. This may be     used for furthering the exploitation of either context.
CAN-2004-0447 and CAN-2004-0496 permit various local unknown Denial of     Service vulnerabilities with unknown impacts - these vulnerabilities     can be used to possibly elevate privileges or access reserved kernel     memory which can be used for further exploitation of the system.
CAN-2004-0565 allows FPU register values of other processes to be read     by a local user setting the MFH bit during a floating point operation -     since no check was in place to ensure that the FPH bit was owned by the     requesting process, but only an MFH bit check, an attacker can simply     set the MFH bit and access FPU registers of processes running as other     users, possibly those running as root.

Workaround :

2.4 users may not be affected by CAN-2004-0497 if they do not use     remote network filesystems and do not have support for any such     filesystems in their kernel configuration. All 2.6 users are affected     by the /proc attribute issue and the only known workaround is to     disable /proc support. The VServer flaw applies only to     vserver-sources, and no workaround is currently known for the issue.
There is no known fix to CAN-2004-0447, CAN-2004-0496 or CAN-2004-0565     other than to upgrade the kernel to a patched version.
As a result, all users affected by any of these vulnerabilities should     upgrade their kernels to ensure the integrity of their systems.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200407-16.
#
# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(14549);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-0447", "CVE-2004-0496", "CVE-2004-0497", "CVE-2004-0565");
  script_xref(name:"GLSA", value:"200407-16");

  script_name(english:"GLSA-200407-16 : Linux Kernel: Multiple DoS and permission vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200407-16
(Linux Kernel: Multiple DoS and permission vulnerabilities)

    The Linux kernel allows a local attacker to mount a remote file system
    on a vulnerable Linux host and modify files' group IDs. On 2.4 series
    kernels this vulnerability only affects shared NFS file systems. This
    vulnerability has been assigned CAN-2004-0497 by the Common
    Vulnerabilities and Exposures project.
    Also, a flaw in the handling of /proc attributes has been found in 2.6
    series kernels; allowing the unauthorized modification of /proc
    entries, especially those which rely solely on file permissions for
    security to vital kernel parameters.
    An issue specific to the VServer Linux sources has been found, by which
    /proc related changes in one virtual context are applied to other
    contexts as well, including the host system.
    CAN-2004-0447 resolves a local DoS vulnerability on IA64 platforms
    which can cause unknown behaviour and CAN-2004-0565 resolves a floating
    point information leak on IA64 platforms by which registers of other
    processes can be read by a local user.
    Finally, CAN-2004-0496 addresses some more unknown vulnerabilities in
    2.6 series Linux kernels older than 2.6.7 which were found by the
    Sparse source code checking tool.
  
Impact :

    Bad Group IDs can possibly cause a Denial of Service on parts of a host
    if the changed files normally require a special GID to properly
    operate. By exploiting this vulnerability, users in the original file
    group would also be blocked from accessing the changed files.
    The /proc attribute vulnerability allows local users with previously no
    permissions to certain /proc entries to exploit the vulnerability and
    then gain read, write and execute access to entries.
    These new privileges can be used to cause unknown behaviour ranging
    from reduced system performance to a Denial of Service by manipulating
    various kernel options which are usually reserved for the superuser.
    This flaw might also be used for opening restrictions set through /proc
    entries, allowing further attacks to take place through another
    possibly unexpected attack vector.
    The VServer issue can also be used to induce similar unexpected
    behaviour to other VServer contexts, including the host. By successful
    exploitation, a Denial of Service for other contexts can be caused
    allowing only root to read certain /proc entries. Such a change would
    also be replicated to other contexts, forbidding normal users on those
    contexts to read /proc entries which could contain details needed by
    daemons running as a non-root user, for example.
    Additionally, this vulnerability allows an attacker to read information
    from another context, possibly hosting a different server, gaining
    critical information such as what processes are running. This may be
    used for furthering the exploitation of either context.
    CAN-2004-0447 and CAN-2004-0496 permit various local unknown Denial of
    Service vulnerabilities with unknown impacts - these vulnerabilities
    can be used to possibly elevate privileges or access reserved kernel
    memory which can be used for further exploitation of the system.
    CAN-2004-0565 allows FPU register values of other processes to be read
    by a local user setting the MFH bit during a floating point operation -
    since no check was in place to ensure that the FPH bit was owned by the
    requesting process, but only an MFH bit check, an attacker can simply
    set the MFH bit and access FPU registers of processes running as other
    users, possibly those running as root.
  
Workaround :

    2.4 users may not be affected by CAN-2004-0497 if they do not use
    remote network filesystems and do not have support for any such
    filesystems in their kernel configuration. All 2.6 users are affected
    by the /proc attribute issue and the only known workaround is to
    disable /proc support. The VServer flaw applies only to
    vserver-sources, and no workaround is currently known for the issue.
    There is no known fix to CAN-2004-0447, CAN-2004-0496 or CAN-2004-0565
    other than to upgrade the kernel to a patched version.
    As a result, all users affected by any of these vulnerabilities should
    upgrade their kernels to ensure the integrity of their systems."
  );
  # http://www.securityfocus.com/archive/1/367977
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.securityfocus.com/archive/1/367977"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200407-16"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Users are encouraged to upgrade to the latest available sources for
    their system:
    # emerge sync
    # emerge -pv your-favorite-sources
    # emerge your-favorite-sources
    # # Follow usual procedure for compiling and installing a kernel.
    # # If you use genkernel, run genkernel as you would do normally."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:aa-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:alpha-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ck-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:compaq-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:development-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gentoo-dev-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gentoo-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:grsec-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gs-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:hardened-dev-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:hardened-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:hppa-dev-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:hppa-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ia64-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mips-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mm-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:openmosix-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pac-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pegasos-dev-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:pegasos-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:planet-ccrma-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ppc-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:rsbac-dev-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:rsbac-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:selinux-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:sparc-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:uclinux-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:usermode-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:vanilla-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:vserver-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:win4lin-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:wolk-sources");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:xbox-sources");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2004/08/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2004/07/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"sys-kernel/rsbac-sources", unaffected:make_list("ge 2.4.26-r3"), vulnerable:make_list("lt 2.4.26-r3"))) flag++;
if (qpkg_check(package:"sys-kernel/hppa-dev-sources", unaffected:make_list("ge 2.6.7_p1-r2"), vulnerable:make_list("lt 2.6.7_p1-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/hppa-sources", unaffected:make_list("ge 2.4.26_p6-r1"), vulnerable:make_list("lt 2.4.26_p6-r1"))) flag++;
if (qpkg_check(package:"sys-kernel/planet-ccrma-sources", unaffected:make_list("ge 2.4.21-r11"), vulnerable:make_list("lt 2.4.21-r11"))) flag++;
if (qpkg_check(package:"sys-kernel/openmosix-sources", unaffected:make_list("ge 2.4.22-r11"), vulnerable:make_list("lt 2.4.22-r11"))) flag++;
if (qpkg_check(package:"sys-kernel/vserver-sources", unaffected:make_list("ge 2.0"), vulnerable:make_list("lt 2.4.26.1.28-r1", "ge 2.4", "lt 2.0"))) flag++;
if (qpkg_check(package:"sys-kernel/development-sources", unaffected:make_list("ge 2.6.8_rc1"), vulnerable:make_list("lt 2.6.8_rc1"))) flag++;
if (qpkg_check(package:"sys-kernel/xbox-sources", unaffected:make_list("rge 2.4.26-r3", "ge 2.6.7-r2"), vulnerable:make_list("lt 2.6.7-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/hardened-dev-sources", unaffected:make_list("ge 2.6.7-r2"), vulnerable:make_list("lt 2.6.7-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/gentoo-dev-sources", unaffected:make_list("ge 2.6.7-r8"), vulnerable:make_list("lt 2.6.7-r8"))) flag++;
if (qpkg_check(package:"sys-kernel/mips-sources", unaffected:make_list("ge 2.4.27"), vulnerable:make_list("lt 2.4.27"))) flag++;
if (qpkg_check(package:"sys-kernel/compaq-sources", unaffected:make_list("ge 2.4.9.32.7-r8"), vulnerable:make_list("lt 2.4.9.32.7-r8"))) flag++;
if (qpkg_check(package:"sys-kernel/pegasos-sources", unaffected:make_list("ge 2.4.26-r3"), vulnerable:make_list("lt 2.4.26-r3"))) flag++;
if (qpkg_check(package:"sys-kernel/grsec-sources", unaffected:make_list("ge 2.4.26.2.0-r6"), vulnerable:make_list("lt 2.4.26.2.0-r6"))) flag++;
if (qpkg_check(package:"sys-kernel/uclinux-sources", unaffected:make_list("rge 2.4.26_p0-r3", "ge 2.6.7_p0-r2"), vulnerable:make_list("lt 2.6.7_p0-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/wolk-sources", unaffected:make_list("rge 4.9-r10", "rge 4.11-r7", "ge 4.14-r4"), vulnerable:make_list("lt 4.14-r4"))) flag++;
if (qpkg_check(package:"sys-kernel/vanilla-sources", unaffected:make_list("ge 2.4.27"), vulnerable:make_list("le 2.4.26"))) flag++;
if (qpkg_check(package:"sys-kernel/gentoo-sources", unaffected:make_list("rge 2.4.19-r18", "rge 2.4.20-r21", "rge 2.4.22-r13", "rge 2.4.25-r6", "ge 2.4.26-r5"), vulnerable:make_list("lt 2.4.26-r5"))) flag++;
if (qpkg_check(package:"sys-kernel/hardened-sources", unaffected:make_list("ge 2.4.26-r3"), vulnerable:make_list("lt 2.4.26-r3"))) flag++;
if (qpkg_check(package:"sys-kernel/aa-sources", unaffected:make_list("rge 2.4.23-r2", "ge 2.6.5-r5"), vulnerable:make_list("lt 2.6.5-r5"))) flag++;
if (qpkg_check(package:"sys-kernel/gs-sources", unaffected:make_list("ge 2.4.25_pre7-r8"), vulnerable:make_list("lt 2.4.25_pre7-r8"))) flag++;
if (qpkg_check(package:"sys-kernel/ia64-sources", unaffected:make_list("ge 2.4.24-r7"), vulnerable:make_list("lt 2.4.24-r7"))) flag++;
if (qpkg_check(package:"sys-kernel/pegasos-dev-sources", unaffected:make_list("ge 2.6.7-r2"), vulnerable:make_list("lt 2.6.7-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/pac-sources", unaffected:make_list("ge 2.4.23-r9"), vulnerable:make_list("lt 2.4.23-r9"))) flag++;
if (qpkg_check(package:"sys-kernel/sparc-sources", unaffected:make_list("ge 2.4.26-r3"), vulnerable:make_list("lt 2.4.26-r3"))) flag++;
if (qpkg_check(package:"sys-kernel/alpha-sources", unaffected:make_list("ge 2.4.21-r9"), vulnerable:make_list("lt 2.4.21-r9"))) flag++;
if (qpkg_check(package:"sys-kernel/ppc-sources", unaffected:make_list("ge 2.4.26-r3"), vulnerable:make_list("lt 2.4.26-r3"))) flag++;
if (qpkg_check(package:"sys-kernel/rsbac-dev-sources", unaffected:make_list("ge 2.6.7-r2"), vulnerable:make_list("lt 2.6.7-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/selinux-sources", unaffected:make_list("ge 2.4.26-r2"), vulnerable:make_list("lt 2.4.26-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/usermode-sources", unaffected:make_list("rge 2.4.24-r6", "rge 2.4.26-r3", "ge 2.6.6-r4"), vulnerable:make_list("lt 2.6.6-r4"))) flag++;
if (qpkg_check(package:"sys-kernel/ck-sources", unaffected:make_list("rge 2.4.26-r1", "ge 2.6.7-r5"), vulnerable:make_list("lt 2.6.7-r5"))) flag++;
if (qpkg_check(package:"sys-kernel/win4lin-sources", unaffected:make_list("rge 2.4.26-r3", "ge 2.6.7-r2"), vulnerable:make_list("lt 2.6.7-r2"))) flag++;
if (qpkg_check(package:"sys-kernel/mm-sources", unaffected:make_list("ge 2.6.7-r6"), vulnerable:make_list("lt 2.6.7-r6"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Linux Kernel");
}
VendorProductVersionCPE
gentoolinuxaa-sourcesp-cpe:/a:gentoo:linux:aa-sources
gentoolinuxalpha-sourcesp-cpe:/a:gentoo:linux:alpha-sources
gentoolinuxck-sourcesp-cpe:/a:gentoo:linux:ck-sources
gentoolinuxcompaq-sourcesp-cpe:/a:gentoo:linux:compaq-sources
gentoolinuxdevelopment-sourcesp-cpe:/a:gentoo:linux:development-sources
gentoolinuxgentoo-dev-sourcesp-cpe:/a:gentoo:linux:gentoo-dev-sources
gentoolinuxgentoo-sourcesp-cpe:/a:gentoo:linux:gentoo-sources
gentoolinuxgrsec-sourcesp-cpe:/a:gentoo:linux:grsec-sources
gentoolinuxgs-sourcesp-cpe:/a:gentoo:linux:gs-sources
gentoolinuxhardened-dev-sourcesp-cpe:/a:gentoo:linux:hardened-dev-sources
Rows per page:
1-10 of 341

Related

gentoo 1
openvas 9
nessus 12
cve 5
seebug 1
zdt 1
ubuntucve 2
exploitdb 2
redhat 6
exploitpack 1
securityvulns 1
suse 1
debian 5
osv 4
gentoo
gentoo
Linux Kernel: Multiple DoS and permission vulnerabilities
2004-07-22 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200407-16 (Kernel)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200407-16 (Kernel)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-1069-1)
2023-03-08 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : kernel (MDKSA-2004:066)
2004-07-31 00:00:00
SUSE-SA:2004:020: kernel
2004-07-25 00:00:00
RHEL 2.1 : kernel (RHSA-2004:354)
2004-07-06 00:00:00
cve
cve
CVE-2004-0497
2004-12-06 05:00:00
CVE-2004-0565
2004-12-06 05:00:00
CVE-2004-0496
2004-12-06 05:00:00
seebug
seebug
Linux Kernel 2.6.x chown() Group Ownership Alteration Exploit
2008-07-16 00:00:00
zdt
zdt
Linux Kernel 2.6.x < 2.6.7-rc3 - sys_chown() Privilege Escalation Exploit
2016-11-08 00:00:00
ubuntucve
ubuntucve
CVE-2004-0497
2004-12-06 00:00:00
CVE-2004-0565
2004-12-06 00:00:00
exploitdb
exploitdb
Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation
2004-12-04 00:00:00
Linux Kernel &lt; 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - &#039;sys_chown()&#039; Group Ownership Alteration Privilege Escalation
2004-12-24 00:00:00
redhat
redhat
(RHSA-2004:354) kernel security update
2004-07-02 00:00:00
(RHSA-2004:360) kernel security update
2004-07-02 00:00:00
(RHSA-2004:413) kernel security update
2004-08-03 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.7-rc3 (Slackware 9.1 Debian 3.0) - sys_chown() Group Ownership Alteration Privilege Escalation
2004-12-24 00:00:00
securityvulns
securityvulns
SUSE Security Announcement: kernel &#40;SUSE-SA:2004:020&#41;
2004-07-03 00:00:00
suse
suse
local privilege escalation in kernel
2004-07-02 16:38:51
debian
debian
[SECURITY] [DSA 1082-1] New Linux kernel 2.4.17 packages fix several vulnerabilities
2006-05-29 19:29:19
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
2006-05-21 17:30:06
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
2006-05-21 02:53:34
osv
osv
kernel-source-2.4.16 - several
2006-05-20 00:00:00
kernel-source-2.4.18 - several
2006-05-20 00:00:00
kernel-source-2.4.19 - several vulnerabilities
2006-05-21 00:00:00
JSON
Related for GENTOO_GLSA-200407-16.NASL
gentoo1openvas9nessus12cve5seebug1zdt1ubuntucve2exploitdb2redhat6exploitpack1securityvulns1suse1debian5osv4