Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2004-029.NASLHistoryJul 31, 2004 - 12:00 a.m.
Mandrake Linux Security Advisory : kernel (MDKSA-2004:029)
2004-07-3100:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
9
A vulnerability was found in the R128 DRI driver by Alan Cox. This could allow local privilege escalation. The previous fix, in MDKSA-2004:015 only partially corrected the problem; the full fix is included (CVE-2004-0003).
A local root vulnerability was discovered in the isofs component of the Linux kernel by iDefense. This vulnerability can be triggered by performing a directory listing on a maliciously constructed ISO filesystem, or attempting to access a file via a malformed symlink on such a filesystem (CVE-2004-0109).
An information leak was discovered in the ext3 filesystem code by Solar Designer. It was discovered that when creating or writing to an ext3 filesystem, some amount of other in-memory data gets written to the device. The data is not the file’s contents, not something on the same filesystem, or even anything that was previously in a file at all. To obtain this data, a user needs to read the raw device (CVE-2004-0177).
The same vulnerability was also found in the XFS filesystem code (CVE-2004-0133) and the JFS filesystem code (CVE-2004-0181).
Finally, a vulnerability in the OSS code for SoundBlaster 16 devices was discovered by Andreas Kies. It is possible for local users with access to the sound system to crash the machine (CVE-2004-0178).
The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels.
To update your kernel, please follow the directions located at :
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2004:029.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(14128);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2004-0003", "CVE-2004-0109", "CVE-2004-0133", "CVE-2004-0177", "CVE-2004-0178", "CVE-2004-0181");
script_xref(name:"MDKSA", value:"2004:029");
script_name(english:"Mandrake Linux Security Advisory : kernel (MDKSA-2004:029)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A vulnerability was found in the R128 DRI driver by Alan Cox. This
could allow local privilege escalation. The previous fix, in
MDKSA-2004:015 only partially corrected the problem; the full fix is
included (CVE-2004-0003).
A local root vulnerability was discovered in the isofs component of
the Linux kernel by iDefense. This vulnerability can be triggered by
performing a directory listing on a maliciously constructed ISO
filesystem, or attempting to access a file via a malformed symlink on
such a filesystem (CVE-2004-0109).
An information leak was discovered in the ext3 filesystem code by
Solar Designer. It was discovered that when creating or writing to an
ext3 filesystem, some amount of other in-memory data gets written to
the device. The data is not the file's contents, not something on the
same filesystem, or even anything that was previously in a file at
all. To obtain this data, a user needs to read the raw device
(CVE-2004-0177).
The same vulnerability was also found in the XFS filesystem code
(CVE-2004-0133) and the JFS filesystem code (CVE-2004-0181).
Finally, a vulnerability in the OSS code for SoundBlaster 16 devices
was discovered by Andreas Kies. It is possible for local users with
access to the sound system to crash the machine (CVE-2004-0178).
The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels.
To update your kernel, please follow the directions located at :
http://www.mandrakesecure.net/en/kernelupdate.php"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.4.21.0.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.4.22.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.4.25.3mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.3.8mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.22.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.25.3mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.3.8mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.22.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.25.3mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.6.3.8mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.22.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.25.3mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.6.3.8mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-secure-2.4.22.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-secure-2.6.3.8mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.4.22.29mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.4.25.3mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.6.3.8mdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-stripped");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");
script_set_attribute(attribute:"patch_publication_date", value:"2004/04/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-2.4.25.3mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-2.6.3.8mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-enterprise-2.4.25.3mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-enterprise-2.6.3.8mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-i686-up-4GB-2.4.25.3mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-i686-up-4GB-2.6.3.8mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-p3-smp-64GB-2.4.25.3mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-p3-smp-64GB-2.6.3.8mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-secure-2.6.3.8mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-smp-2.4.25.3mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-smp-2.6.3.8mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-source-2.4.25-3mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-source-stripped-2.6.3-8mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"kernel-2.4.21.0.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"kernel-enterprise-2.4.21.0.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"kernel-secure-2.4.21.0.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"kernel-smp-2.4.21.0.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"kernel-source-2.4.21-0.29mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"kernel-2.4.22.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"kernel-enterprise-2.4.22.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"kernel-i686-up-4GB-2.4.22.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"kernel-p3-smp-64GB-2.4.22.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"kernel-secure-2.4.22.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"kernel-smp-2.4.22.29mdk-1-1mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"kernel-source-2.4.22-29mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | kernel-2.4.21.0.29mdk | p-cpe:/a:mandriva:linux:kernel-2.4.21.0.29mdk |
| mandriva | linux | kernel-2.4.22.29mdk | p-cpe:/a:mandriva:linux:kernel-2.4.22.29mdk |
| mandriva | linux | kernel-2.4.25.3mdk | p-cpe:/a:mandriva:linux:kernel-2.4.25.3mdk |
| mandriva | linux | kernel-2.6.3.8mdk | p-cpe:/a:mandriva:linux:kernel-2.6.3.8mdk |
| mandriva | linux | kernel-enterprise-2.4.21.0.29mdk | p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.29mdk |
| mandriva | linux | kernel-enterprise-2.4.22.29mdk | p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.22.29mdk |
| mandriva | linux | kernel-enterprise-2.4.25.3mdk | p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.25.3mdk |
| mandriva | linux | kernel-enterprise-2.6.3.8mdk | p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.3.8mdk |
| mandriva | linux | kernel-i686-up-4gb-2.4.22.29mdk | p-cpe:/a:mandriva:linux:kernel-i686-up-4gb-2.4.22.29mdk |
| mandriva | linux | kernel-i686-up-4gb-2.4.25.3mdk | p-cpe:/a:mandriva:linux:kernel-i686-up-4gb-2.4.25.3mdk |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0003
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0133
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0177
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0178
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0181
Related
nessus
nessus
Fedora Core 1 : kernel-2.4.22-1.2179.nptl (2004-101)
2004-07-23 00:00:00
Debian DSA-481-1 : linux-kernel-2.4.17-ia64 - several vulnerabilities
2004-09-29 00:00:00
Debian DSA-491-1 : linux-kernel-2.4.19-mips - several vulnerabilities
2004-09-29 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-479)
2008-01-17 00:00:00
Debian Security Advisory DSA 482-1 (kernel)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-479-1)
2008-01-17 00:00:00
debian
debian
osv
osv
linux-kernel-2.4.17-apus+s390 - several vulnerabilities
2004-04-14 00:00:00
linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities
2004-04-14 00:00:00
linux-kernel-2.4.19-mips - several vulnerabilities
2004-04-17 00:00:00
securityvulns
securityvulns
gentoo
gentoo
Linux Kernel: Multiple vulnerabilities
2004-07-03 00:00:00
ubuntucve
ubuntucve
redhat
redhat
(RHSA-2004:105) kernel security update
2004-04-21 00:00:00
(RHSA-2004:437) Updated kernel packages fix security vulnerability
2004-08-18 00:00:00
(RHSA-2004:106) kernel security update
2004-04-21 00:00:00
cve
cve
suse
suse
local privilege escalation in Linux Kernel
2004-04-14 15:46:44
local privilege escalation in Linux Kernel
2004-02-18 22:19:53
centos
centos
kernel security update
2005-04-22 21:54:37
kernel security update
2005-09-28 16:08:41
Related for MANDRAKE_MDKSA-2004-029.NASL