OracleVM 2.1 : kernel (OVMSA-2009-0009)

2014-11-26T00:00:00

Description

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2008-4307 Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case. CVE-2009-1337 The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. CVE-2009-0834 The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343. CVE-2009-1336 fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function. - CVE-2008-4307 -[nfs] remove bogus lock-if-signalled case (Bryn M. Reeves) [456287 456288] - CVE-2009-1337 - [misc] exit_notify: kill the wrong capable check - CVE-2009-0834 - [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko) [488001 488002] - CVE-2009-1336 - [nfs] v4: client crash on file lookup with long names (Sachin S. Prabhu) [494078 493942]

{"id": "ORACLEVM_OVMSA-2009-0009.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "OracleVM 2.1 : kernel (OVMSA-2009-0009)", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\nCVE-2008-4307 Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.\n\nCVE-2009-1337 The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0834 The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.\n\nCVE-2009-1336 fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function.\n\n - CVE-2008-4307 -[nfs] remove bogus lock-if-signalled case (Bryn M. Reeves) [456287 456288]\n\n - CVE-2009-1337 - [misc] exit_notify: kill the wrong capable check \n\n - CVE-2009-0834 - [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko) [488001 488002]\n\n - CVE-2009-1336 - [nfs] v4: client crash on file lookup with long names (Sachin S. Prabhu) [494078 493942]", "published": "2014-11-26T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/79456", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0342", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1336", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0343", "https://oss.oracle.com/pipermail/oraclevm-errata/2009-May/000023.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0834", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4307"], "cvelist": ["CVE-2008-4307", "CVE-2009-0342", "CVE-2009-0343", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "immutableFields": [], "lastseen": "2023-01-18T14:40:43", "viewCount": 23, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2009:0459", "CESA-2009:0473", "CESA-2009:1550"]}, {"type": "cve", "idList": ["CVE-2008-4307", "CVE-2009-0342", "CVE-2009-0343", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-1336", "CVE-2009-1337"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1787-1:1654D", "DEBIAN:DSA-1794-1:CF19C", "DEBIAN:DSA-1800-1:C8938"]}, {"type": "f5", "idList": ["SOL16351"]}, {"type": "fedora", "idList": ["FEDORA:2BC4510F896"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2009-0459.NASL", "CENTOS_RHSA-2009-0473.NASL", "CENTOS_RHSA-2009-1550.NASL", "DEBIAN_DSA-1787.NASL", "DEBIAN_DSA-1794.NASL", "DEBIAN_DSA-1800.NASL", "FEDORA_2009-5356.NASL", "MANDRIVA_MDVSA-2009-118.NASL", "MANDRIVA_MDVSA-2009-119.NASL", "MANDRIVA_MDVSA-2009-135.NASL", "ORACLELINUX_ELSA-2009-0459.NASL", "ORACLELINUX_ELSA-2009-0473.NASL", "ORACLELINUX_ELSA-2009-1550.NASL", "REDHAT-RHSA-2009-0459.NASL", "REDHAT-RHSA-2009-0473.NASL", "REDHAT-RHSA-2009-1024.NASL", "REDHAT-RHSA-2009-1077.NASL", "REDHAT-RHSA-2009-1550.NASL", "REDHAT-RHSA-2010-0079.NASL", "SL_20090430_KERNEL_ON_SL4_X.NASL", "SL_20090507_KERNEL_ON_SL5_X.NASL", "SL_20090630_KERNEL_ON_SL4_X.NASL", "SL_20091103_KERNEL_ON_SL3_X.NASL", "SUSE_11_0_KERNEL-090602.NASL", "SUSE_11_1_KERNEL-090527.NASL", "SUSE_11_KERNEL-090527.NASL", "SUSE_KERNEL-6236.NASL", "SUSE_KERNEL-6237.NASL", "SUSE_KERNEL-6274.NASL", "UBUNTU_USN-751-1.NASL", "UBUNTU_USN-752-1.NASL", "UBUNTU_USN-793-1.NASL", "VMWARE_VMSA-2009-0016.NASL", "VMWARE_VMSA-2009-0016_REMOTE.NASL", "VMWARE_VMSA-2010-0010.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122489", "OPENVAS:136141256231063908", "OPENVAS:136141256231063911", "OPENVAS:136141256231063939", "OPENVAS:136141256231063946", "OPENVAS:136141256231063947", "OPENVAS:136141256231063959", "OPENVAS:136141256231063970", "OPENVAS:136141256231063978", "OPENVAS:136141256231064023", "OPENVAS:136141256231064034", "OPENVAS:136141256231064067", "OPENVAS:136141256231064074", "OPENVAS:136141256231064131", "OPENVAS:136141256231064187", "OPENVAS:136141256231064188", "OPENVAS:136141256231064189", "OPENVAS:136141256231064220", "OPENVAS:136141256231065365", "OPENVAS:136141256231065670", "OPENVAS:136141256231065924", "OPENVAS:136141256231066178", "OPENVAS:136141256231066217", "OPENVAS:1361412562310880838", "OPENVAS:1361412562310880841", "OPENVAS:1361412562310880941", "OPENVAS:63811", "OPENVAS:63812", "OPENVAS:63908", "OPENVAS:63911", "OPENVAS:63939", "OPENVAS:63946", "OPENVAS:63947", "OPENVAS:63959", "OPENVAS:63970", "OPENVAS:63978", "OPENVAS:64023", "OPENVAS:64034", "OPENVAS:64067", "OPENVAS:64074", "OPENVAS:64131", "OPENVAS:64175", "OPENVAS:64187", "OPENVAS:64188", "OPENVAS:64189", "OPENVAS:64220", "OPENVAS:65365", "OPENVAS:65670", "OPENVAS:65924", "OPENVAS:66178", "OPENVAS:66217", "OPENVAS:880838", "OPENVAS:880841", "OPENVAS:880941"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0459", "ELSA-2009-0473", "ELSA-2009-1024", "ELSA-2009-1243", "ELSA-2009-1550"]}, {"type": "osv", "idList": ["OSV:DSA-1787-1", "OSV:DSA-1794-1", "OSV:DSA-1800-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:76444"]}, {"type": "redhat", "idList": ["RHSA-2009:0451", "RHSA-2009:0459", "RHSA-2009:0473", "RHSA-2009:1024", "RHSA-2009:1077", "RHSA-2009:1550", "RHSA-2010:0079"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21767", "SECURITYVULNS:DOC:28783", "SECURITYVULNS:VULN:9889"]}, {"type": "seebug", "idList": ["SSV:4661"]}, {"type": "suse", "idList": ["SUSE-SA:2009:028", "SUSE-SA:2009:030", "SUSE-SA:2009:031", "SUSE-SA:2009:032", "SUSE-SA:2009:033"]}, {"type": "ubuntu", "idList": ["USN-751-1", "USN-752-1", "USN-793-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4307", "UB:CVE-2009-0834", "UB:CVE-2009-0835", "UB:CVE-2009-1336", "UB:CVE-2009-1337"]}, {"type": "veracode", "idList": ["VERACODE:23610", "VERACODE:23612", "VERACODE:23613", "VERACODE:23614"]}, {"type": "vmware", "idList": ["VMSA-2009-0016", "VMSA-2009-0016.6", "VMSA-2010-0010"]}]}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:0459", "CESA-2009:0473", "CESA-2009:1550"]}, {"type": "cve", "idList": ["CVE-2008-4307"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1787-1:1654D"]}, {"type": "f5", "idList": ["SOL16351"]}, {"type": "fedora", "idList": ["FEDORA:2BC4510F896"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2009-0451/"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1794.NASL", "UBUNTU_USN-752-1.NASL", "UBUNTU_USN-793-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107443", "OPENVAS:136141256231065365"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1550"]}, {"type": "redhat", "idList": ["RHSA-2009:1024", "RHSA-2009:1077", "RHSA-2009:1550"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9889"]}, {"type": "seebug", "idList": ["SSV:4661"]}, {"type": "suse", "idList": ["SUSE-SA:2009:030"]}, {"type": "ubuntu", "idList": ["USN-751-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-4307"]}, {"type": "vmware", "idList": ["VMSA-2010-0010"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-4307", "epss": "0.000440000", "percentile": "0.082320000", "modified": "2023-03-13"}, {"cve": "CVE-2009-0342", "epss": "0.000420000", "percentile": "0.056400000", "modified": "2023-03-13"}, {"cve": "CVE-2009-0343", "epss": "0.000420000", "percentile": "0.004990000", "modified": "2023-03-13"}, {"cve": "CVE-2009-0834", "epss": "0.000460000", "percentile": "0.127290000", "modified": "2023-03-13"}, {"cve": "CVE-2009-1336", "epss": "0.000440000", "percentile": "0.082320000", "modified": "2023-03-13"}, {"cve": "CVE-2009-1337", "epss": "0.000420000", "percentile": "0.004990000", "modified": "2023-03-13"}], "vulnersScore": -0.0}, "_state": {"dependencies": 1674053786, "score": 1674052844, "epss": 1678784790}, "_internal": {"score_hash": "4ba4fe01289e8a10d616ec24845f304e"}, "pluginID": "79456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2009-0009.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79456);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0342\", \"CVE-2009-0343\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33417, 33951, 34405);\n\n script_name(english:\"OracleVM 2.1 : kernel (OVMSA-2009-0009)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\nCVE-2008-4307 Race condition in the do_setlk function in fs/nfs/file.c\nin the Linux kernel before 2.6.26 allows local users to cause a denial\nof service (crash) via vectors resulting in an interrupted RPC call\nthat leads to a stray FL_POSIX lock, related to improper handling of a\nrace between fcntl and close in the EINTR case.\n\nCVE-2009-1337 The exit_notify function in kernel/exit.c in the Linux\nkernel before 2.6.30-rc1 does not restrict exit signals when the\nCAP_KILL capability is held, which allows local users to send an\narbitrary signal to a process by running a program that modifies the\nexit_signal field and then uses an exec system call to launch a setuid\napplication.\n\nCVE-2009-0834 The audit_syscall_entry function in the Linux kernel\n2.6.28.7 and earlier on the x86_64 platform does not properly handle\n(1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process\nmaking a 32-bit syscall, which allows local users to bypass certain\nsyscall audit configurations via crafted syscalls, a related issue to\nCVE-2009-0342 and CVE-2009-0343.\n\nCVE-2009-1336 fs/nfs/client.c in the Linux kernel before 2.6.23 does\nnot properly initialize a certain structure member that stores the\nmaximum NFS filename length, which allows local users to cause a\ndenial of service (OOPS) via a long filename, related to the\nencode_lookup function.\n\n - CVE-2008-4307 -[nfs] remove bogus lock-if-signalled case\n (Bryn M. Reeves) [456287 456288]\n\n - CVE-2009-1337 - [misc] exit_notify: kill the wrong\n capable check \n\n - CVE-2009-0834 - [ptrace] audit_syscall_entry to use\n right syscall number (Jiri Pirko) [488001 488002]\n\n - CVE-2009-1336 - [nfs] v4: client crash on file lookup\n with long names (Sachin S. Prabhu) [494078 493942]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2009-May/000023.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.1\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.1\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-devel-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-devel-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-devel-2.6.18-8.1.15.1.32.el5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-BOOT / kernel-BOOT-devel / kernel-kdump / kernel-kdump-devel / etc\");\n}\n", "naslFamily": "OracleVM Local Security Checks", "cpe": ["p-cpe:/a:oracle:vm:kernel-BOOT", "p-cpe:/a:oracle:vm:kernel-BOOT-devel", "p-cpe:/a:oracle:vm:kernel-kdump", "p-cpe:/a:oracle:vm:kernel-kdump-devel", "p-cpe:/a:oracle:vm:kernel-ovs", "p-cpe:/a:oracle:vm:kernel-ovs-devel", "cpe:/o:oracle:vm_server:2.1"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2009-05-18T00:00:00", "vulnerabilityPublicationDate": "2009-01-13T00:00:00", "exploitableWith": []}

{"centos": [{"lastseen": "2023-01-01T04:51:00", "description": "**CentOS Errata and Security Advisory** CESA-2009:0473\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a logic error was found in the do_setlk() function of the Linux kernel\nNetwork File System (NFS) implementation. If a signal interrupted a lock\nrequest, the local POSIX lock was incorrectly created. This could cause a\ndenial of service on the NFS server if a file descriptor was closed before\nits corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local, unprivileged\nuser to circumvent a system call audit configuration, if that configuration\nfiltered based on the \"syscall\" number or arguments.\n(CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the\nexit signal if a process executed a set user ID (setuid) application before\nexiting. This could allow a local, unprivileged user to elevate their\nprivileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of\nthe Linux kernel eCryptfs implementation. On systems with a 4096 byte\npage-size, this flaw may have caused 4096 bytes of uninitialized kernel\nmemory to be written into the eCryptfs file headers, leading to an\ninformation leak. Note: Encrypted files created on systems running the\nvulnerable version of eCryptfs may contain leaked data in the eCryptfs file\nheaders. This update does not remove any leaked data. Refer to the\nKnowledgebase article in the References section for further information.\n(CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not\nproperly initialize the file name limit in the nfs_server data structure.\nThis flaw could possibly lead to a denial of service on a client mounting\nan NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs:\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be\nsuccessfully configured under low-memory conditions. (BZ#487035)\n\n* bonding with the \"arp_validate=3\" option may have prevented fail overs.\n(BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote \"Domain\nattempted WRMSR\" errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount. (BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets.\n(BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it,\nsuch as sleep and usleep, to sleep for one second more than expected.\n(BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit\nPowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after\na certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to\nless than the actual number of CPUs in the system, and the cpuspeed service\nwas started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually\nresulted in a CPU soft lockup and a system crash. (BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-May/065319.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-May/065320.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:0473", "cvss3": {}, "published": "2009-05-07T18:35:31", "type": "centos", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2009-05-07T18:35:31", "id": "CESA-2009:0473", "href": "https://lists.centos.org/pipermail/centos-announce/2009-May/065319.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-01T04:50:58", "description": "**CentOS Errata and Security Advisory** CESA-2009:0459\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* a logic error was found in the do_setlk() function of the Linux kernel\nNetwork File System (NFS) implementation. If a signal interrupted a lock\nrequest, the local POSIX lock was incorrectly created. This could cause a\ndenial of service on the NFS server if a file descriptor was closed before\nits corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local, unprivileged\nuser to circumvent a system call audit configuration, if that configuration\nfiltered based on the \"syscall\" number or arguments.\n(CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate the\nsignal it wants to receive when its child exits. When clone() is called\nwith the CLONE_PARENT flag, it permits the caller to clone a new child that\nshares the same parent as itself, enabling the indicated signal to be sent\nto the caller's parent (instead of the caller), even if the caller's parent\nhas different real and effective user IDs. This could lead to a denial of\nservice of the parent. (CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to user-space\nwhen the getsockopt() function is called with SO_BSDCOMPAT optname set.\nThis flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes:\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests\nif their guest configuration file specified \"vif = [ \"type=ioemu\" ]\". This\ncrash only occurred when starting guests via the \"xm create\" command.\n(BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux\n4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during\ninstallation and \"NMI received for unknown reason [xx]\" errors may have\noccurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network\ninterface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium\u00ae architecture,\npossibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic\nLSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent\nto tape devices may have received incorrect data. This issue may have led\nto data corruption. This update includes a fix for all types of devices.\n(BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem\nbetween the read_events() and aio_complete() functions. This may have\ncaused a thread in read_events() to sleep indefinitely, possibly causing an\napplication hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications\nto some pages (for files on an NFS mounted file system) made through a\nregion of memory mapped by mmap() may be lost if the NFS client invalidates\nits page cache for particular files. (BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system\ncrash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and \"Assertion failure\" errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause of\ncertain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5\nsystems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system\nmust be rebooted for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-May/065313.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-May/065314.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:0459", "cvss3": {}, "published": "2009-05-01T10:39:17", "type": "centos", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2009-05-01T10:39:18", "id": "CESA-2009:0459", "href": "https://lists.centos.org/pipermail/centos-announce/2009-May/065314.html", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T06:56:26", "description": "**CentOS Errata and Security Advisory** CESA-2009:1550\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local denial\nof service. (CVE-2008-5300, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the\nexit signal if a process executed a set user ID (setuid) application before\nexiting. This could allow a local, unprivileged user to elevate their\nprivileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux\nkernel. Frames with sizes near the MTU of an interface may be split across\nmultiple hardware receive descriptors. Receipt of such a frame could leak\nthrough a validation check, leading to a corruption of the length check. A\nremote attacker could use this flaw to send a specially-crafted packet that\nwould cause a denial of service or code execution. (CVE-2009-1385,\nImportant)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a\nsetuid or setgid program was executed. A local, unprivileged user could use\nthis flaw to bypass the mmap_min_addr protection mechanism and perform a\nNULL pointer dereference attack, or bypass the Address Space Layout\nRandomization (ASLR) security feature. (CVE-2009-1895, Important)\n\n* it was discovered that, when executing a new process, the clear_child_tid\npointer in the Linux kernel is not cleared. If this pointer points to a\nwritable portion of the memory of the new program, the kernel could corrupt\nfour bytes of memory, possibly leading to a local denial of service or\nprivilege escalation. (CVE-2009-2848, Important)\n\n* missing initialization flaws were found in getname() implementations in\nthe IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE\nprotocol implementations in the Linux kernel. Certain data structures in\nthese getname() implementations were not initialized properly before being\ncopied to user-space. These flaws could lead to an information leak.\n(CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\npipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\nbe released by other processes before it is used to update the pipe's\nreader and writer counters. This could lead to a local denial of service or\nprivilege escalation. (CVE-2009-3547, Important)\n\nBug fixes:\n\n* this update adds the mmap_min_addr tunable and restriction checks to help\nprevent unprivileged users from creating new memory mappings below the\nminimum address. This can help prevent the exploitation of NULL pointer\ndereference bugs. Note that mmap_min_addr is set to zero (disabled) by\ndefault for backwards compatibility. (BZ#512642)\n\n* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)\n\n* enforce null-termination of user-supplied arguments to setsockopt().\n(BZ#505514)\n\n* the gcc flag \"-fno-delete-null-pointer-checks\" was added to the kernel\nbuild options. This prevents gcc from optimizing out NULL pointer checks\nafter the first use of a pointer. NULL pointer bugs are often exploited by\nattackers. Keeping these checks is a safety measure. (BZ#511185)\n\n* a check has been added to the IPv4 code to make sure that rt is not NULL,\nto help prevent future bugs in functions that call ip_append_data() from\nbeing exploitable. (BZ#520300)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/065775.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-November/065776.html\n\n**Affected packages:**\nkernel\nkernel-BOOT\nkernel-doc\nkernel-hugemem\nkernel-hugemem-unsupported\nkernel-smp\nkernel-smp-unsupported\nkernel-source\nkernel-unsupported\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:1550", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2009-11-04T00:55:32", "type": "centos", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2848", "CVE-2009-3002", "CVE-2009-3547"], "modified": "2009-11-04T00:56:16", "id": "CESA-2009:1550", "href": "https://lists.centos.org/pipermail/centos-announce/2009-November/065775.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-01-11T15:01:34", "description": "Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r) microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-05-08T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/38709", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0473. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38709);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33951, 34405);\n script_xref(name:\"RHSA\", value:\"2009:0473\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0473)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents()\nfunction of the Linux kernel eCryptfs implementation. On systems with\na 4096 byte page-size, this flaw may have caused 4096 bytes of\nuninitialized kernel memory to be written into the eCryptfs file\nheaders, leading to an information leak. Note: Encrypted files created\non systems running the vulnerable version of eCryptfs may contain\nleaked data in the eCryptfs file headers. This update does not remove\nany leaked data. Refer to the Knowledgebase article in the References\nsection for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could\nnot be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail\novers. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote\n'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and\npackets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which\nused it, such as sleep and usleep, to sleep for one second more than\nexpected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on\n64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines\nafter a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set\nto less than the actual number of CPUs in the system, and the cpuspeed\nservice was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network\neventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1337\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-16748\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/16734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0473\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0473\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0473\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T14:59:32", "description": "Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r) microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2009:0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-PAE", "p-cpe:/a:centos:centos:kernel-PAE-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/43746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0473 and \n# CentOS Errata and Security Advisory 2009:0473 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43746);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33951, 34405);\n script_xref(name:\"RHSA\", value:\"2009:0473\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2009:0473)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents()\nfunction of the Linux kernel eCryptfs implementation. On systems with\na 4096 byte page-size, this flaw may have caused 4096 bytes of\nuninitialized kernel memory to be written into the eCryptfs file\nheaders, leading to an information leak. Note: Encrypted files created\non systems running the vulnerable version of eCryptfs may contain\nleaked data in the eCryptfs file headers. This update does not remove\nany leaked data. Refer to the Knowledgebase article in the References\nsection for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could\nnot be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail\novers. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote\n'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and\npackets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which\nused it, such as sleep and usleep, to sleep for one second more than\nexpected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on\n64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines\nafter a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set\nto less than the actual number of CPUs in the system, and the cpuspeed\nservice was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network\neventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015844.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e5071f8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015845.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b13f808\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T14:49:59", "description": "From Red Hat Security Advisory 2009:0473 :\n\nUpdated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r) microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2009-0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-PAE", "p-cpe:/a:oracle:linux:kernel-PAE-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/67854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0473 and \n# Oracle Linux Security Advisory ELSA-2009-0473 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67854);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33951, 34405);\n script_xref(name:\"RHSA\", value:\"2009:0473\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2009-0473)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0473 :\n\nUpdated kernel packages that fix several security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents()\nfunction of the Linux kernel eCryptfs implementation. On systems with\na 4096 byte page-size, this flaw may have caused 4096 bytes of\nuninitialized kernel memory to be written into the eCryptfs file\nheaders, leading to an information leak. Note: Encrypted files created\non systems running the vulnerable version of eCryptfs may contain\nleaked data in the eCryptfs file headers. This update does not remove\nany leaked data. Refer to the Knowledgebase article in the References\nsection for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could\nnot be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail\novers. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote\n'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and\npackets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which\nused it, such as sleep and usleep, to sleep for one second more than\nexpected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on\n64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines\nafter a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set\nto less than the actual number of CPUs in the system, and the cpuspeed\nservice was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network\neventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0473\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T14:26:59", "description": "This update fixes the following security issues :\n\n - a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n - the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n - the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n - network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions. (BZ#487035)\n\n - bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n - when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n - NFS clients may have experienced deadlocks during unmount. (BZ#488929)\n\n - the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n - the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet.\n (BZ#489460)\n\n - on the Itanium® architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n - a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n - the NONSTOP_TSC feature did not perform correctly on the Intel® microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n - keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n - using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n - if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n - using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash. (BZ#496044)\n\n - it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang.\n (BZ#496842)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090507_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60581);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - a logic error was found in the do_setlk() function of\n the Linux kernel Network File System (NFS)\n implementation. If a signal interrupted a lock request,\n the local POSIX lock was incorrectly created. This could\n cause a denial of service on the NFS server if a file\n descriptor was closed before its corresponding lock\n request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call\n auditing implementation on 64-bit systems. This could\n allow a local, unprivileged user to circumvent a system\n call audit configuration, if that configuration filtered\n based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - the exit_notify() function in the Linux kernel did not\n properly reset the exit signal if a process executed a\n set user ID (setuid) application before exiting. This\n could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the\n ecryptfs_write_metadata_to_contents() function of the\n Linux kernel eCryptfs implementation. On systems with a\n 4096 byte page-size, this flaw may have caused 4096\n bytes of uninitialized kernel memory to be written into\n the eCryptfs file headers, leading to an information\n leak. Note: Encrypted files created on systems running\n the vulnerable version of eCryptfs may contain leaked\n data in the eCryptfs file headers. This update does not\n remove any leaked data. Refer to the Knowledgebase\n article in the References section for further\n information. (CVE-2009-0787, Moderate)\n\n - the Linux kernel implementation of the Network File\n System (NFS) did not properly initialize the file name\n limit in the nfs_server data structure. This flaw could\n possibly lead to a denial of service on a client\n mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n - the enic driver (Cisco 10G Ethernet) did not operate\n under virtualization. (BZ#472474)\n\n - network interfaces using the IBM eHEA Ethernet device\n driver could not be successfully configured under\n low-memory conditions. (BZ#487035)\n\n - bonding with the 'arp_validate=3' option may have\n prevented fail overs. (BZ#488064)\n\n - when running under virtualization, the acpi-cpufreq\n module wrote 'Domain attempted WRMSR' errors to the\n dmesg log. (BZ#488928)\n\n - NFS clients may have experienced deadlocks during\n unmount. (BZ#488929)\n\n - the ixgbe driver double counted the number of received\n bytes and packets. (BZ#489459)\n\n - the Wacom Intuos3 Lens Cursor device did not work\n correctly with the Wacom Intuos3 12x12 tablet.\n (BZ#489460)\n\n - on the Itanium® architecture, nanosleep() caused\n commands which used it, such as sleep and usleep, to\n sleep for one second more than expected. (BZ#490434)\n\n - a panic and corruption of slab cache data structures\n occurred on 64-bit PowerPC systems when clvmd was\n running. (BZ#491677)\n\n - the NONSTOP_TSC feature did not perform correctly on the\n Intel® microarchitecture (Nehalem) when running in\n 32-bit mode. (BZ#493356)\n\n - keyboards may not have functioned on IBM eServer System\n p machines after a certain point during installation or\n afterward. (BZ#494293)\n\n - using Device Mapper Multipathing with the qla2xxx driver\n resulted in frequent path failures. (BZ#495635)\n\n - if the hypervisor was booted with the dom0_max_vcpus\n parameter set to less than the actual number of CPUs in\n the system, and the cpuspeed service was started, the\n hypervisor could crash. (BZ#495931)\n\n - using Openswan to provide an IPsec virtual private\n network eventually resulted in a CPU soft lockup and a\n system crash. (BZ#496044)\n\n - it was possible for posix_locks_deadlock() to enter an\n infinite loop (under the BKL), causing a system hang.\n (BZ#496842)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=487035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=488064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=488928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=488929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=489459\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=489460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=490434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=491677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=495635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=495931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=496044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=496842\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=541\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0640b726\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T15:01:16", "description": "Updated kernel packages are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the eighth regular update.\n\nThese updated packages fix two security issues, hundreds of bugs, and add numerous enhancements. Space precludes a detailed description of each of these in this advisory. Refer to the Red Hat Enterprise Linux 4.8 Release Notes for information on 22 of the most significant of these changes. For more detailed information on specific bug fixes or enhancements, refer to the Bugzilla numbers associated with this advisory.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fixes :\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nBug Fixes and Enhancements :\n\nKernel Feature Support :\n\n* added a new allowable value to '/proc/sys/kernel/wake_balance' to allow the scheduler to run the thread on any available CPU rather than scheduling it on the optimal CPU. * added 'max_writeback_pages' tunable parameter to /proc/sys/vm/ to allow the maximum number of modified pages kupdate writes to disk, per iteration per run. * added 'swap_token_timeout' tunable parameter to /proc/sys/vm/ to provide a valid hold time for the swap out protection token. * added diskdump support to sata_svw driver. * limited physical memory to 64GB for 32-bit kernels running on systems with more than 64GB of physical memory to prevent boot failures. * improved reliability of autofs. * added support for 'rdattr_error' in NFSv4 readdir requests. * fixed various short packet handling issues for NFSv4 readdir and sunrpc. * fixed several CIFS bugs.\n\nNetworking and IPv6 Enablement :\n\n* added router solicitation support. * enforced sg requires tx csum in ethtool.\n\nPlatform Support :\n\nx86, AMD64, Intel 64, IBM System z\n\n* added support for a new Intel chipset. * added initialization vendor info in boot_cpu_data. * added support for N_Port ID Virtualization (NPIV) for IBM System z guests using zFCP. * added HDMI support for some AMD and ATI chipsets. * updated HDA driver in ALSA to latest upstream as of 2008-07-22. * added support for affected_cpus for cpufreq. * removed polling timer from i8042. * fixed PM-Timer when using the ASUS A8V Deluxe motherboard. * backported usbfs_mutex in usbfs.\n\n64-bit PowerPC :\n\n* updated eHEA driver from version 0078-04 to 0078-08. * updated logging of checksum errors in the eHEA driver.\n\nNetwork Driver Updates :\n\n* updated forcedeth driver to latest upstream version 0.61. * fixed various e1000 issues when using Intel ESB2 hardware. * updated e1000e driver to upstream version 0.3.3.3-k6. * updated igb to upstream version 1.2.45-k2. * updated tg3 to upstream version 3.96. * updated ixgbe to upstream version 1.3.18-k4. * updated bnx2 to upstream version 1.7.9. * updated bnx2x to upstream version 1.45.23. * fixed bugs and added enhancements for the NetXen NX2031 and NX3031 products.\n* updated Realtek r8169 driver to support newer network chipsets. All variants of RTL810x/RTL8168(9) are now supported.\n\nStorage Driver Updates :\n\n* fixed various SCSI issues. Also, the SCSI sd driver now calls the revalidate_disk wrapper. * fixed a dmraid reduced I/O delay bug in certain configurations. * removed quirk aac_quirk_scsi_32 for some aacraid controllers. * updated FCP driver on IBM System z systems with support for point-to-point connections. * updated lpfc to version 8.0.16.46. * updated megaraid_sas to version 4.01-RH1. * updated MPT Fusion driver to version 3.12.29.00rh. * updated qla2xxx firmware to 4.06.01 for 4GB/s and 8GB/s adapters. * updated qla2xxx driver to version 8.02.09.00.04.08-d. * fixed sata_nv in libsata to disable ADMA mode by default.\n\nMiscellaneous Updates :\n\n* upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to version 1.4. * added driver support and fixes for various Wacom tablets.\n\nUsers should install this update, which resolves these issues and adds these enhancements.", "cvss3": {}, "published": "2009-05-19T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1024)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2009-1024.NASL", "href": "https://www.tenable.com/plugins/nessus/38818", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1024. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38818);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(34405);\n script_xref(name:\"RHSA\", value:\"2009:1024\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1024)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages are now available as part of the ongoing\nsupport and maintenance of Red Hat Enterprise Linux version 4. This is\nthe eighth regular update.\n\nThese updated packages fix two security issues, hundreds of bugs, and\nadd numerous enhancements. Space precludes a detailed description of\neach of these in this advisory. Refer to the Red Hat Enterprise Linux\n4.8 Release Notes for information on 22 of the most significant of\nthese changes. For more detailed information on specific bug fixes or\nenhancements, refer to the Bugzilla numbers associated with this\nadvisory.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fixes :\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nBug Fixes and Enhancements :\n\nKernel Feature Support :\n\n* added a new allowable value to '/proc/sys/kernel/wake_balance' to\nallow the scheduler to run the thread on any available CPU rather than\nscheduling it on the optimal CPU. * added 'max_writeback_pages'\ntunable parameter to /proc/sys/vm/ to allow the maximum number of\nmodified pages kupdate writes to disk, per iteration per run. * added\n'swap_token_timeout' tunable parameter to /proc/sys/vm/ to provide a\nvalid hold time for the swap out protection token. * added diskdump\nsupport to sata_svw driver. * limited physical memory to 64GB for\n32-bit kernels running on systems with more than 64GB of physical\nmemory to prevent boot failures. * improved reliability of autofs. *\nadded support for 'rdattr_error' in NFSv4 readdir requests. * fixed\nvarious short packet handling issues for NFSv4 readdir and sunrpc. *\nfixed several CIFS bugs.\n\nNetworking and IPv6 Enablement :\n\n* added router solicitation support. * enforced sg requires tx csum in\nethtool.\n\nPlatform Support :\n\nx86, AMD64, Intel 64, IBM System z\n\n* added support for a new Intel chipset. * added initialization vendor\ninfo in boot_cpu_data. * added support for N_Port ID Virtualization\n(NPIV) for IBM System z guests using zFCP. * added HDMI support for\nsome AMD and ATI chipsets. * updated HDA driver in ALSA to latest\nupstream as of 2008-07-22. * added support for affected_cpus for\ncpufreq. * removed polling timer from i8042. * fixed PM-Timer when\nusing the ASUS A8V Deluxe motherboard. * backported usbfs_mutex in\nusbfs.\n\n64-bit PowerPC :\n\n* updated eHEA driver from version 0078-04 to 0078-08. * updated\nlogging of checksum errors in the eHEA driver.\n\nNetwork Driver Updates :\n\n* updated forcedeth driver to latest upstream version 0.61. * fixed\nvarious e1000 issues when using Intel ESB2 hardware. * updated e1000e\ndriver to upstream version 0.3.3.3-k6. * updated igb to upstream\nversion 1.2.45-k2. * updated tg3 to upstream version 3.96. * updated\nixgbe to upstream version 1.3.18-k4. * updated bnx2 to upstream\nversion 1.7.9. * updated bnx2x to upstream version 1.45.23. * fixed\nbugs and added enhancements for the NetXen NX2031 and NX3031 products.\n* updated Realtek r8169 driver to support newer network chipsets. All\nvariants of RTL810x/RTL8168(9) are now supported.\n\nStorage Driver Updates :\n\n* fixed various SCSI issues. Also, the SCSI sd driver now calls the\nrevalidate_disk wrapper. * fixed a dmraid reduced I/O delay bug in\ncertain configurations. * removed quirk aac_quirk_scsi_32 for some\naacraid controllers. * updated FCP driver on IBM System z systems with\nsupport for point-to-point connections. * updated lpfc to version\n8.0.16.46. * updated megaraid_sas to version 4.01-RH1. * updated MPT\nFusion driver to version 3.12.29.00rh. * updated qla2xxx firmware to\n4.06.01 for 4GB/s and 8GB/s adapters. * updated qla2xxx driver to\nversion 8.02.09.00.04.08-d. * fixed sata_nv in libsata to disable ADMA\nmode by default.\n\nMiscellaneous Updates :\n\n* upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to\nversion 1.4. * added driver support and fixes for various Wacom\ntablets.\n\nUsers should install this update, which resolves these issues and adds\nthese enhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1337\"\n );\n # http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4.8/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1024\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-1336\", \"CVE-2009-1337\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1024\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1024\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:39:18", "description": "Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update includes backported fixes for two approved security issues. These issues only affected users of Red Hat Enterprise Linux 4.7 Extended Update Support, as they have already been addressed for users of Red Hat Enterprise Linux 4 in the 4.8 update, RHSA-2009:1024.\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS) version 4 did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFSv4 share. (CVE-2009-1336, Moderate)\n\nThis update fixes the following bugs :\n\n* on IBM System z systems, if the cio driver was used for DASD devices, and the last path to a DASD device was varied off, it was still possible to attempt read and write operations to that device, resulting in errors. In this update, path verification is used in this situation, which resolves this issue. Also, a bug may have caused errors when subchannels were unregistered. (BZ#437486)\n\n* a bug prevented the Broadcom NetXtreme II 57710 network device from working correctly on some Dell PowerEdge R805 systems. This device was correctly shown in 'lspci' output, but 'ifup' failed and an IP address was not assigned. In this update, the device works correctly on Dell PowerEdge R805 systems. (BZ#491752)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. For this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1077)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-1077.NASL", "href": "https://www.tenable.com/plugins/nessus/63880", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1077. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63880);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1336\", \"CVE-2009-1337\");\n script_xref(name:\"RHSA\", value:\"2009:1077\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1077)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 4.7 Extended Update\nSupport.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update includes backported fixes for two approved security\nissues. These issues only affected users of Red Hat Enterprise Linux\n4.7 Extended Update Support, as they have already been addressed for\nusers of Red Hat Enterprise Linux 4 in the 4.8 update, RHSA-2009:1024.\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS)\nversion 4 did not properly initialize the file name limit in the\nnfs_server data structure. This flaw could possibly lead to a denial\nof service on a client mounting an NFSv4 share. (CVE-2009-1336,\nModerate)\n\nThis update fixes the following bugs :\n\n* on IBM System z systems, if the cio driver was used for DASD\ndevices, and the last path to a DASD device was varied off, it was\nstill possible to attempt read and write operations to that device,\nresulting in errors. In this update, path verification is used in this\nsituation, which resolves this issue. Also, a bug may have caused\nerrors when subchannels were unregistered. (BZ#437486)\n\n* a bug prevented the Broadcom NetXtreme II 57710 network device from\nworking correctly on some Dell PowerEdge R805 systems. This device was\ncorrectly shown in 'lspci' output, but 'ifup' failed and an IP address\nwas not assigned. In this update, the device works correctly on Dell\nPowerEdge R805 systems. (BZ#491752)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. For this update to take\neffect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-1336.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-1077.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-doc-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.24.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:01:51", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.\n(CVE-2009-0028)\n\nfs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index. (CVE-2009-0269)\n\nThe audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343. (CVE-2009-0834)\n\nThe __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343. (CVE-2009-0835)\n\nThe selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184)\n\nAdditionally, along with other things, this kernel update adds support for D-Link DWM 652 3.5G, some Intel gigabit network chipsets, Avermedia PCI pure analog (M135A), fixes a bug causing SQLite performance regression, and has some updated ALSA drivers. Check the package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-05-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:118)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0028", "CVE-2009-0269", "CVE-2009-0342", "CVE-2009-0343", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-1184"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.21-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.21-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.21-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.21-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2009-118.NASL", "href": "https://www.tenable.com/plugins/nessus/38845", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:118. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38845);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-1184\");\n script_bugtraq_id(33948, 33951);\n script_xref(name:\"MDVSA\", value:\"2009:118\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:118)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe clone system call in the Linux kernel 2.6.28 and earlier allows\nlocal users to send arbitrary signals to a parent process from an\nunprivileged child process by launching an additional child process\nwith the CLONE_PARENT flag, and then letting this new process exit.\n(CVE-2009-0028)\n\nfs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel\nbefore 2.6.28.1 allows local users to cause a denial of service (fault\nor memory corruption), or possibly have unspecified other impact, via\na readlink call that results in an error, leading to use of a -1\nreturn value as an array index. (CVE-2009-0269)\n\nThe audit_syscall_entry function in the Linux kernel 2.6.28.7 and\nearlier on the x86_64 platform does not properly handle (1) a 32-bit\nprocess making a 64-bit syscall or (2) a 64-bit process making a\n32-bit syscall, which allows local users to bypass certain syscall\naudit configurations via crafted syscalls, a related issue to\nCVE-2009-0342 and CVE-2009-0343. (CVE-2009-0834)\n\nThe __secure_computing function in kernel/seccomp.c in the seccomp\nsubsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64\nplatform, when CONFIG_SECCOMP is enabled, does not properly handle (1)\na 32-bit process making a 64-bit syscall or (2) a 64-bit process\nmaking a 32-bit syscall, which allows local users to bypass intended\naccess restrictions via crafted syscalls that are misinterpreted as\n(a) stat or (b) chmod, a related issue to CVE-2009-0342 and\nCVE-2009-0343. (CVE-2009-0835)\n\nThe selinux_ip_postroute_iptables_compat function in\nsecurity/selinux/hooks.c in the SELinux subsystem in the Linux kernel\nbefore 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is\nenabled, omits calls to avc_has_perm for the (1) node and (2) port,\nwhich allows local users to bypass intended restrictions on network\ntraffic. NOTE: this was incorrectly reported as an issue fixed in\n2.6.27.21. (CVE-2009-1184)\n\nAdditionally, along with other things, this kernel update adds support\nfor D-Link DWM 652 3.5G, some Intel gigabit network chipsets,\nAvermedia PCI pure analog (M135A), fixes a bug causing SQLite\nperformance regression, and has some updated ALSA drivers. Check the\npackage changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/43441\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.21-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.21-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.21-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.21-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.21-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.21-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.21-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.21-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.21-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.21-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20090515.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20090515.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20090515.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.21-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.21-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.21-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.21-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.21-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.21-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.21-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.21-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.21-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.21-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.21-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.21-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.21-desktop-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.21-desktop586-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.21-server-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20090515.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20090515.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20090515.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.21-desktop-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.21-desktop586-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.21-server-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20090515.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20090515.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20090515.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.21-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.21-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.21-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.21-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.21-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.21-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20090515.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20090515.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20090515.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.21-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.21-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.21-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.21-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.21-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090515.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090515.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090515.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.21-desktop-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.21-desktop586-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.21-server-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20090515.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20090515.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20090515.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.21-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.21-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.21-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090515.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090515.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20090515.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.21-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.21-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.21-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090515.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090515.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090515.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.21-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.21-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.21-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20090515.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20090515.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20090515.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.21-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.21-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.21-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20090515.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20090515.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20090515.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.21-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.21-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.21-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.21-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.21-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.21-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.21-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.21-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.21-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20090515.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20090515.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20090515.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.21-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.21-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.21-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20090515.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20090515.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20090515.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.21-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.21-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.21-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090515.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090515.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090515.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.21-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.21-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.21-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.21-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.21-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.21-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20090515.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20090515.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20090515.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.21-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.21-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.21-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.21-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.21-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.21-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.21-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.21-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.21-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20090515.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20090515.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20090515.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.21-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.21-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.21-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090515.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090515.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090515.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.21-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.21-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.21-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090515.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.21-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.21-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.21-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20090515.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.21-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.21-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.21-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.21-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.21-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.21-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.21-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.21-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.21-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20090515.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20090515.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20090515.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.21-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.21-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.21-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20090515.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.21-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.21-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.21-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:28:06", "description": "Security fixes :\n\n - a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent. (CVE-2009-0028, Moderate)\n\n - the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n (CVE-2009-0676, Moderate)\n\nBug fixes :\n\n - a kernel crash may have occurred for Scientific Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n - a bug in IO-APIC NMI watchdog may have prevented Scientific Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n - a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver.\n (BZ#480579)\n\n - a possible kernel hang in sys_ptrace() on the Itanium® architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n - the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n - a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n - due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files. (BZ#490119)\n\n - a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n - the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n - do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n - a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090430_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60577", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60577);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes :\n\n - a logic error was found in the do_setlk() function of\n the Linux kernel Network File System (NFS)\n implementation. If a signal interrupted a lock request,\n the local POSIX lock was incorrectly created. This could\n cause a denial of service on the NFS server if a file\n descriptor was closed before its corresponding lock\n request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call\n auditing implementation on 64-bit systems. This could\n allow a local, unprivileged user to circumvent a system\n call audit configuration, if that configuration filtered\n based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - Chris Evans reported a deficiency in the Linux kernel\n signals implementation. The clone() system call permits\n the caller to indicate the signal it wants to receive\n when its child exits. When clone() is called with the\n CLONE_PARENT flag, it permits the caller to clone a new\n child that shares the same parent as itself, enabling\n the indicated signal to be sent to the caller's parent\n (instead of the caller), even if the caller's parent has\n different real and effective user IDs. This could lead\n to a denial of service of the parent. (CVE-2009-0028,\n Moderate)\n\n - the sock_getsockopt() function in the Linux kernel did\n not properly initialize a data structure that can be\n directly returned to user-space when the getsockopt()\n function is called with SO_BSDCOMPAT optname set. This\n flaw could possibly lead to memory disclosure.\n (CVE-2009-0676, Moderate)\n\nBug fixes :\n\n - a kernel crash may have occurred for Scientific Linux\n 4.7 guests if their guest configuration file specified\n 'vif = [ 'type=ioemu' ]'. This crash only occurred when\n starting guests via the 'xm create' command. (BZ#477146)\n\n - a bug in IO-APIC NMI watchdog may have prevented\n Scientific Linux 4.7 from being installed on HP ProLiant\n DL580 G5 systems. Hangs during installation and 'NMI\n received for unknown reason [xx]' errors may have\n occurred. (BZ#479184)\n\n - a kernel deadlock on some systems when using netdump\n through a network interface that uses the igb driver.\n (BZ#480579)\n\n - a possible kernel hang in sys_ptrace() on the\n Itanium® architecture, possibly triggered by tracing\n a threaded process with strace. (BZ#484904)\n\n - the RHSA-2008:0665 errata only fixed the known problem\n with the LSI Logic LSI53C1030 Ultra320 SCSI controller,\n for tape devices. Read commands sent to tape devices may\n have received incorrect data. This issue may have led to\n data corruption. This update includes a fix for all\n types of devices. (BZ#487399)\n\n - a missing memory barrier caused a race condition in the\n AIO subsystem between the read_events() and\n aio_complete() functions. This may have caused a thread\n in read_events() to sleep indefinitely, possibly causing\n an application hang. (BZ#489935)\n\n - due to a lack of synchronization in the NFS client code,\n modifications to some pages (for files on an NFS mounted\n file system) made through a region of memory mapped by\n mmap() may be lost if the NFS client invalidates its\n page cache for particular files. (BZ#490119)\n\n - a NULL pointer dereference in the megaraid_mbox driver\n caused a system crash on some systems. (BZ#493420)\n\n - the ext3_symlink() function in the ext3 file system code\n used an illegal __GFP_FS allocation inside some\n transactions. This may have resulted in a kernel panic\n and 'Assertion failure' errors. (BZ#493422)\n\n - do_machine_check() cleared all Machine Check Exception\n (MCE) status registers, preventing the BIOS from using\n them to determine the cause of certain panics and\n errors. (BZ#494915)\n\n - a bug prevented NMI watchdog from initializing on HP\n ProLiant DL580 G5 systems. (BZ#497330)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=477146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=484904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=487399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=489935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=490119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=497330\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=319\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93c098ce\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:01:54", "description": "Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r) architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-05-26T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:0459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenU", "p-cpe:/a:centos:centos:kernel-xenU-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/38902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0459 and \n# CentOS Errata and Security Advisory 2009:0459 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38902);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n script_bugtraq_id(33846, 33951);\n script_xref(name:\"RHSA\", value:\"2009:0459\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:0459)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate\nthe signal it wants to receive when its child exits. When clone() is\ncalled with the CLONE_PARENT flag, it permits the caller to clone a\nnew child that shares the same parent as itself, enabling the\nindicated signal to be sent to the caller's parent (instead of the\ncaller), even if the caller's parent has different real and effective\nuser IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to\nuser-space when the getsockopt() function is called with SO_BSDCOMPAT\noptname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7\nguests if their guest configuration file specified 'vif = [\n'type=ioemu' ]'. This crash only occurred when starting guests via the\n'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise\nLinux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs\nduring installation and 'NMI received for unknown reason [xx]' errors\nmay have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a\nnetwork interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r)\narchitecture, possibly triggered by tracing a threaded process with\nstrace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI\nLogic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read\ncommands sent to tape devices may have received incorrect data. This\nissue may have led to data corruption. This update includes a fix for\nall types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO\nsubsystem between the read_events() and aio_complete() functions. This\nmay have caused a thread in read_events() to sleep indefinitely,\npossibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code,\nmodifications to some pages (for files on an NFS mounted file system)\nmade through a region of memory mapped by mmap() may be lost if the\nNFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a\nsystem crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause\nof certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580\nG5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The\nsystem must be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015838.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?065c1c0d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015839.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b07d768\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:56:21", "description": "From Red Hat Security Advisory 2009:0459 :\n\nUpdated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r) architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-0459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenU", "p-cpe:/a:oracle:linux:kernel-xenU-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/67853", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0459 and \n# Oracle Linux Security Advisory ELSA-2009-0459 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67853);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n script_bugtraq_id(33846, 33951);\n script_xref(name:\"RHSA\", value:\"2009:0459\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-0459)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0459 :\n\nUpdated kernel packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate\nthe signal it wants to receive when its child exits. When clone() is\ncalled with the CLONE_PARENT flag, it permits the caller to clone a\nnew child that shares the same parent as itself, enabling the\nindicated signal to be sent to the caller's parent (instead of the\ncaller), even if the caller's parent has different real and effective\nuser IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to\nuser-space when the getsockopt() function is called with SO_BSDCOMPAT\noptname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7\nguests if their guest configuration file specified 'vif = [\n'type=ioemu' ]'. This crash only occurred when starting guests via the\n'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise\nLinux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs\nduring installation and 'NMI received for unknown reason [xx]' errors\nmay have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a\nnetwork interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r)\narchitecture, possibly triggered by tracing a threaded process with\nstrace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI\nLogic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read\ncommands sent to tape devices may have received incorrect data. This\nissue may have led to data corruption. This update includes a fix for\nall types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO\nsubsystem between the read_events() and aio_complete() functions. This\nmay have caused a thread in read_events() to sleep indefinitely,\npossibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code,\nmodifications to some pages (for files on an NFS mounted file system)\nmade through a region of memory mapped by mmap() may be lost if the\nNFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a\nsystem crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause\nof certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580\nG5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The\nsystem must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/000993.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0459\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:59:20", "description": "Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r) architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-05-01T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:0459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/38661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0459. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38661);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n script_bugtraq_id(33846, 33951);\n script_xref(name:\"RHSA\", value:\"2009:0459\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:0459)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate\nthe signal it wants to receive when its child exits. When clone() is\ncalled with the CLONE_PARENT flag, it permits the caller to clone a\nnew child that shares the same parent as itself, enabling the\nindicated signal to be sent to the caller's parent (instead of the\ncaller), even if the caller's parent has different real and effective\nuser IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to\nuser-space when the getsockopt() function is called with SO_BSDCOMPAT\noptname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7\nguests if their guest configuration file specified 'vif = [\n'type=ioemu' ]'. This crash only occurred when starting guests via the\n'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise\nLinux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs\nduring installation and 'NMI received for unknown reason [xx]' errors\nmay have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a\nnetwork interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r)\narchitecture, possibly triggered by tracing a threaded process with\nstrace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI\nLogic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read\ncommands sent to tape devices may have received incorrect data. This\nissue may have led to data corruption. This update includes a fix for\nall types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO\nsubsystem between the read_events() and aio_complete() functions. This\nmay have caused a thread in read_events() to sleep indefinitely,\npossibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code,\nmodifications to some pages (for files on an NFS mounted file system)\nmade through a region of memory mapped by mmap() may be lost if the\nNFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a\nsystem crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause\nof certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580\nG5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The\nsystem must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0459\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0459\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0459\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T14:36:36", "description": "These updated packages fix the following security issues :\n\n - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n - the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\n - a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service. (CVE-2009-1385, Important)\n\n - the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users.\n This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate)\n\n - Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations.\n This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems.\n (CVE-2009-1630, Moderate)\n\n - a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel.\n (CVE-2009-1758, Moderate)\n\n - a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low)\n\nThese updated packages also fix the following bugs :\n\n - '/proc/[pid]/maps' and '/proc/[pid]/smaps' can only be read by processes able to use the ptrace() call on a given process; however, certain information from '/proc/[pid]/stat' and '/proc/[pid]/wchan' could be used to reconstruct memory maps, making it possible to bypass the Address Space Layout Randomization (ASLR) security feature. This update addresses this issue. (BZ#499549)\n\n - in some situations, the link count was not decreased when renaming unused files on NFS mounted file systems.\n This may have resulted in poor performance. With this update, the link count is decreased in these situations, the same as is done for other file operations, such as unlink and rmdir. (BZ#501802)\n\n - tcp_ack() cleared the probes_out variable even if there were outstanding packets. When low TCP keepalive intervals were used, this bug may have caused problems, such as connections terminating, when using remote tools such as rsh and rlogin. (BZ#501754)\n\n - off-by-one errors in the time normalization code could have caused clock_gettime() to return one billion nanoseconds, rather than adding an extra second. This bug could have caused the name service cache daemon (nscd) to consume excessive CPU resources. (BZ#501800)\n\n - a system panic could occur when one thread read '/proc/bus/input/devices' while another was removing a device. With this update, a mutex has been added to protect the input_dev_list and input_handler_list variables, which resolves this issue. (BZ#501804)\n\n - using netdump may have caused a kernel deadlock on some systems. (BZ#504565)\n\n - the file system mask, which lists capabilities for users with a file system user ID (fsuid) of 0, was missing the CAP_MKNOD and CAP_LINUX_IMMUTABLE capabilities. This could, potentially, allow users with an fsuid other than 0 to perform actions on some file system types that would otherwise be prevented. This update adds these capabilities. (BZ#497269)\n\nKernel Feature Support :\n\n - added a new allowable value to '/proc/sys/kernel/wake_balance' to allow the scheduler to run the thread on any available CPU rather than scheduling it on the optimal CPU.\n\n - added 'max_writeback_pages' tunable parameter to /proc/sys/vm/ to allow the maximum number of modified pages kupdate writes to disk, per iteration per run.\n\n - added 'swap_token_timeout' tunable parameter to /proc/sys/vm/ to provide a valid hold time for the swap out protection token.\n\n - added diskdump support to sata_svw driver.\n\n - limited physical memory to 64GB for 32-bit kernels running on systems with more than 64GB of physical memory to prevent boot failures.\n\n - improved reliability of autofs.\n\n - added support for 'rdattr_error' in NFSv4 readdir requests.\n\n - fixed various short packet handling issues for NFSv4 readdir and sunrpc.\n\n - fixed several CIFS bugs.\n\nNetworking and IPv6 Enablement :\n\n - added router solicitation support.\n\n - enforced sg requires tx csum in ethtool.\n\nPlatform Support :\n\nx86, AMD64, Intel 64\n\n - added support for a new Intel chipset.\n\n - added initialization vendor info in boot_cpu_data.\n\n - added support for N_Port ID Virtualization (NPIV) for IBM System z guests using zFCP.\n\n - added HDMI support for some AMD and ATI chipsets.\n\n - updated HDA driver in ALSA to latest upstream as of 2008-07-22.\n\n - added support for affected_cpus for cpufreq.\n\n - removed polling timer from i8042.\n\n - fixed PM-Timer when using the ASUS A8V Deluxe motherboard.\n\n - backported usbfs_mutex in usbfs.\n\nNetwork Driver Updates :\n\n - updated forcedeth driver to latest upstream version 0.61.\n\n - fixed various e1000 issues when using Intel ESB2 hardware.\n\n - updated e1000e driver to upstream version 0.3.3.3-k6.\n\n - updated igb to upstream version 1.2.45-k2.\n\n - updated tg3 to upstream version 3.96.\n\n - updated ixgbe to upstream version 1.3.18-k4.\n\n - updated bnx2 to upstream version 1.7.9.\n\n - updated bnx2x to upstream version 1.45.23.\n\n - fixed bugs and added enhancements for the NetXen NX2031 and NX3031 products.\n\n - updated Realtek r8169 driver to support newer network chipsets. All variants of RTL810x/RTL8168(9) are now supported.\n\nStorage Driver Updates :\n\n - fixed various SCSI issues. Also, the SCSI sd driver now calls the revalidate_disk wrapper.\n\n - fixed a dmraid reduced I/O delay bug in certain configurations.\n\n - removed quirk aac_quirk_scsi_32 for some aacraid controllers.\n\n - updated FCP driver on IBM System z systems with support for point-to-point connections.\n\n - updated lpfc to version 8.0.16.46.\n\n - updated megaraid_sas to version 4.01-RH1.\n\n - updated MPT Fusion driver to version 3.12.29.00rh.\n\n - updated qla2xxx firmware to 4.06.01 for 4GB/s and 8GB/s adapters.\n\n - updated qla2xxx driver to version 8.02.09.00.04.08-d.\n\n - fixed sata_nv in libsata to disable ADMA mode by default.\n\nMiscellaneous Updates :\n\n - upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to version 1.4.\n\n - added driver support and fixes for various Wacom tablets.\n\nNote: The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1336", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1630", "CVE-2009-1758"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090630_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60609", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60609);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1630\", \"CVE-2009-1758\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These updated packages fix the following security issues :\n\n - the exit_notify() function in the Linux kernel did not\n properly reset the exit signal if a process executed a\n set user ID (setuid) application before exiting. This\n could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n - the Linux kernel implementation of the Network File\n System (NFS) did not properly initialize the file name\n limit in the nfs_server data structure. This flaw could\n possibly lead to a denial of service on a client\n mounting an NFS share. (CVE-2009-1336, Moderate)\n\n - a flaw was found in the Intel PRO/1000 network driver in\n the Linux kernel. Frames with sizes near the MTU of an\n interface may be split across multiple hardware receive\n descriptors. Receipt of such a frame could leak through\n a validation check, leading to a corruption of the\n length check. A remote attacker could use this flaw to\n send a specially crafted packet that would cause a\n denial of service. (CVE-2009-1385, Important)\n\n - the Linux kernel Network File System daemon (nfsd)\n implementation did not drop the CAP_MKNOD capability\n when handling requests from local, unprivileged users.\n This flaw could possibly lead to an information leak or\n privilege escalation. (CVE-2009-1072, Moderate)\n\n - Frank Filz reported the NFSv4 client was missing a file\n permission check for the execute bit in some situations.\n This could allow local, unprivileged users to run\n non-executable files on NFSv4 mounted file systems.\n (CVE-2009-1630, Moderate)\n\n - a missing check was found in the hypervisor_callback()\n function in the Linux kernel provided by the kernel-xen\n package. This could cause a denial of service of a\n 32-bit guest if an application running in that guest\n accesses a certain memory location in the kernel.\n (CVE-2009-1758, Moderate)\n\n - a flaw was found in the AGPGART driver. The\n agp_generic_alloc_page() and agp_generic_alloc_pages()\n functions did not zero out the memory pages they\n allocate, which may later be available to user-space\n processes. This flaw could possibly lead to an\n information leak. (CVE-2009-1192, Low)\n\nThese updated packages also fix the following bugs :\n\n - '/proc/[pid]/maps' and '/proc/[pid]/smaps' can only be\n read by processes able to use the ptrace() call on a\n given process; however, certain information from\n '/proc/[pid]/stat' and '/proc/[pid]/wchan' could be used\n to reconstruct memory maps, making it possible to bypass\n the Address Space Layout Randomization (ASLR) security\n feature. This update addresses this issue. (BZ#499549)\n\n - in some situations, the link count was not decreased\n when renaming unused files on NFS mounted file systems.\n This may have resulted in poor performance. With this\n update, the link count is decreased in these situations,\n the same as is done for other file operations, such as\n unlink and rmdir. (BZ#501802)\n\n - tcp_ack() cleared the probes_out variable even if there\n were outstanding packets. When low TCP keepalive\n intervals were used, this bug may have caused problems,\n such as connections terminating, when using remote tools\n such as rsh and rlogin. (BZ#501754)\n\n - off-by-one errors in the time normalization code could\n have caused clock_gettime() to return one billion\n nanoseconds, rather than adding an extra second. This\n bug could have caused the name service cache daemon\n (nscd) to consume excessive CPU resources. (BZ#501800)\n\n - a system panic could occur when one thread read\n '/proc/bus/input/devices' while another was removing a\n device. With this update, a mutex has been added to\n protect the input_dev_list and input_handler_list\n variables, which resolves this issue. (BZ#501804)\n\n - using netdump may have caused a kernel deadlock on some\n systems. (BZ#504565)\n\n - the file system mask, which lists capabilities for users\n with a file system user ID (fsuid) of 0, was missing the\n CAP_MKNOD and CAP_LINUX_IMMUTABLE capabilities. This\n could, potentially, allow users with an fsuid other than\n 0 to perform actions on some file system types that\n would otherwise be prevented. This update adds these\n capabilities. (BZ#497269)\n\nKernel Feature Support :\n\n - added a new allowable value to\n '/proc/sys/kernel/wake_balance' to allow the scheduler\n to run the thread on any available CPU rather than\n scheduling it on the optimal CPU.\n\n - added 'max_writeback_pages' tunable parameter to\n /proc/sys/vm/ to allow the maximum number of modified\n pages kupdate writes to disk, per iteration per run.\n\n - added 'swap_token_timeout' tunable parameter to\n /proc/sys/vm/ to provide a valid hold time for the swap\n out protection token.\n\n - added diskdump support to sata_svw driver.\n\n - limited physical memory to 64GB for 32-bit kernels\n running on systems with more than 64GB of physical\n memory to prevent boot failures.\n\n - improved reliability of autofs.\n\n - added support for 'rdattr_error' in NFSv4 readdir\n requests.\n\n - fixed various short packet handling issues for NFSv4\n readdir and sunrpc.\n\n - fixed several CIFS bugs.\n\nNetworking and IPv6 Enablement :\n\n - added router solicitation support.\n\n - enforced sg requires tx csum in ethtool.\n\nPlatform Support :\n\nx86, AMD64, Intel 64\n\n - added support for a new Intel chipset.\n\n - added initialization vendor info in boot_cpu_data.\n\n - added support for N_Port ID Virtualization (NPIV) for\n IBM System z guests using zFCP.\n\n - added HDMI support for some AMD and ATI chipsets.\n\n - updated HDA driver in ALSA to latest upstream as of\n 2008-07-22.\n\n - added support for affected_cpus for cpufreq.\n\n - removed polling timer from i8042.\n\n - fixed PM-Timer when using the ASUS A8V Deluxe\n motherboard.\n\n - backported usbfs_mutex in usbfs.\n\nNetwork Driver Updates :\n\n - updated forcedeth driver to latest upstream version\n 0.61.\n\n - fixed various e1000 issues when using Intel ESB2\n hardware.\n\n - updated e1000e driver to upstream version 0.3.3.3-k6.\n\n - updated igb to upstream version 1.2.45-k2.\n\n - updated tg3 to upstream version 3.96.\n\n - updated ixgbe to upstream version 1.3.18-k4.\n\n - updated bnx2 to upstream version 1.7.9.\n\n - updated bnx2x to upstream version 1.45.23.\n\n - fixed bugs and added enhancements for the NetXen NX2031\n and NX3031 products.\n\n - updated Realtek r8169 driver to support newer network\n chipsets. All variants of RTL810x/RTL8168(9) are now\n supported.\n\nStorage Driver Updates :\n\n - fixed various SCSI issues. Also, the SCSI sd driver now\n calls the revalidate_disk wrapper.\n\n - fixed a dmraid reduced I/O delay bug in certain\n configurations.\n\n - removed quirk aac_quirk_scsi_32 for some aacraid\n controllers.\n\n - updated FCP driver on IBM System z systems with support\n for point-to-point connections.\n\n - updated lpfc to version 8.0.16.46.\n\n - updated megaraid_sas to version 4.01-RH1.\n\n - updated MPT Fusion driver to version 3.12.29.00rh.\n\n - updated qla2xxx firmware to 4.06.01 for 4GB/s and 8GB/s\n adapters.\n\n - updated qla2xxx driver to version 8.02.09.00.04.08-d.\n\n - fixed sata_nv in libsata to disable ADMA mode by\n default.\n\nMiscellaneous Updates :\n\n - upgraded OpenFabrics Alliance Enterprise Distribution\n (OFED) to version 1.4.\n\n - added driver support and fixes for various Wacom\n tablets.\n\nNote: The system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=497269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=499549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=501804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=504565\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=75\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2857eca5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 20, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-largesmp-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-largesmp-devel-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-89.0.3.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-89.0.3.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:10:36", "description": "The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was updated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6237)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6237.NASL", "href": "https://www.tenable.com/plugins/nessus/41539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41539);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6237)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was\nupdated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The\naudit_syscall_entry function in the Linux kernel on the x86_64\nplatform did not properly handle (1) a 32-bit process making a 64-bit\nsyscall or (2) a 64-bit process making a 32-bit syscall, which allows\nlocal users to bypass certain syscall audit configurations via crafted\nsyscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD\n capability before handling a user request in a thread,\n which allows local users to create device nodes, as\n demonstrated on a filesystem that has been exported with\n the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in\n the seccomp subsystem in the Linux kernel on the x86_64\n platform, when CONFIG_SECCOMP is enabled, does not\n properly handle (1) a 32-bit process making a 64-bit\n syscall or (2) a 64-bit process making a 32-bit syscall,\n which allows local users to bypass intended access\n restrictions via crafted syscalls that are\n misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the\n Linux kernel 2.6.29 and earlier allows remote attackers\n to cause a denial of service (crash) or potential code\n execution via a long nativeFileSystem field in a Tree\n Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux\n kernel did not restrict exit signals when the CAP_KILL\n capability is held, which allows local users to send an\n arbitrary signal to a process by running a program that\n modifies the exit_signal field and then uses an exec\n system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm\n subsystem in the Linux kernel, when CONFIG_SHMEM is\n disabled, misinterprets the data type of an inode, which\n allows local users to cause a denial of service (system\n hang) via an SHM_INFO shmctl call, as demonstrated by\n running the ipcs program. (SUSE is enabling\n CONFIG_SHMEM, so is by default not affected, the fix is\n just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\n the Linux kernel might allow attackers to obtain\n sensitive information via a large length value, which\n causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0834.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0835.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0859.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1072.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1439.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6237.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.39.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:24:08", "description": "The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was updated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6236)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6236.NASL", "href": "https://www.tenable.com/plugins/nessus/59137", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59137);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6236)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was\nupdated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The\naudit_syscall_entry function in the Linux kernel on the x86_64\nplatform did not properly handle (1) a 32-bit process making a 64-bit\nsyscall or (2) a 64-bit process making a 32-bit syscall, which allows\nlocal users to bypass certain syscall audit configurations via crafted\nsyscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD\n capability before handling a user request in a thread,\n which allows local users to create device nodes, as\n demonstrated on a filesystem that has been exported with\n the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in\n the seccomp subsystem in the Linux kernel on the x86_64\n platform, when CONFIG_SECCOMP is enabled, does not\n properly handle (1) a 32-bit process making a 64-bit\n syscall or (2) a 64-bit process making a 32-bit syscall,\n which allows local users to bypass intended access\n restrictions via crafted syscalls that are\n misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the\n Linux kernel 2.6.29 and earlier allows remote attackers\n to cause a denial of service (crash) or potential code\n execution via a long nativeFileSystem field in a Tree\n Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux\n kernel did not restrict exit signals when the CAP_KILL\n capability is held, which allows local users to send an\n arbitrary signal to a process by running a program that\n modifies the exit_signal field and then uses an exec\n system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm\n subsystem in the Linux kernel, when CONFIG_SHMEM is\n disabled, misinterprets the data type of an inode, which\n allows local users to cause a denial of service (system\n hang) via an SHM_INFO shmctl call, as demonstrated by\n running the ipcs program. (SUSE is enabling\n CONFIG_SHMEM, so is by default not affected, the fix is\n just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\n the Linux kernel might allow attackers to obtain\n sensitive information via a large length value, which\n causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0834.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0835.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0859.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1072.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1439.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6236.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:01:10", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n - CVE-2008-5395 Helge Deller discovered a denial of service condition that allows local users on PA-RISC to crash the system by attempting to unwind a stack containing userspace addresses.\n\n - CVE-2008-5701 Vlad Malov reported an issue on 64-bit MIPS where a local user could cause a system crash by crafting a malicious binary which makes o32 syscalls with a number less than 4000.\n\n - CVE-2008-5702 Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2008-5713 Flavio Leitner discovered that a local user can cause a denial of service by generating large amounts of traffic on a large SMP system, resulting in soft lockups.\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all available kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1336 Trond Myklebust reported an issue in the encode_lookup() function in the nfs server subsystem that allows local users to cause a denial of service (oops in encode_lookup()) by use of a long filename.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-11T00:00:00", "type": "nessus", "title": "Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-5395", "CVE-2008-5701", "CVE-2008-5702", "CVE-2008-5713", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0859", "CVE-2009-1192", "CVE-2009-1265", "CVE-2009-1336", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1794.NASL", "href": "https://www.tenable.com/plugins/nessus/38722", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1794. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38722);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5395\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2008-5713\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1192\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n script_bugtraq_id(33113, 33846, 33951, 34020, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1794\");\n\n script_name(english:\"Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to denial of service, privilege escalation, or information\nleak. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2008-4307\n Bryn M. Reeves reported a denial of service in the NFS\n filesystem. Local users can trigger a kernel BUG() due\n to a race condition in the do_setlk function.\n\n - CVE-2008-5395\n Helge Deller discovered a denial of service condition\n that allows local users on PA-RISC to crash the system\n by attempting to unwind a stack containing userspace\n addresses.\n\n - CVE-2008-5701\n Vlad Malov reported an issue on 64-bit MIPS where a\n local user could cause a system crash by crafting a\n malicious binary which makes o32 syscalls with a number\n less than 4000.\n\n - CVE-2008-5702\n Zvonimir Rakamaric reported an off-by-one error in the\n ib700wdt watchdog driver which allows local users to\n cause a buffer underflow by making a specially crafted\n WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2008-5713\n Flavio Leitner discovered that a local user can cause a\n denial of service by generating large amounts of traffic\n on a large SMP system, resulting in soft lockups.\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all available kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users,\n permitting remote code execution.\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem that\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1336\n Trond Myklebust reported an issue in the encode_lookup()\n function in the nfs server subsystem that allows local\n users to cause a denial of service (oops in\n encode_lookup()) by use of a long filename.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1794\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-24etch2.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:54:18", "description": "NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. (CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service.\n(CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028)\n\nThe 64-bit syscall interfaces did not correctly handle sign extension.\nA local attacker could make malicious syscalls, possibly gaining root privileges. The x86_64 architecture was not affected. (CVE-2009-0029)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065)\n\nThe Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676)\n\nThe syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0065", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-54", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:fglrx-control", "p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:linux", "p-cpe:/a:canonical:ubuntu_linux:linux-386", "p-cpe:/a:canonical:ubuntu_linux:linux-686", "p-cpe:/a:canonical:ubuntu_linux:linux-686-smp", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-server", "p-cpe:/a:canonical:ubuntu_linux:linux-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-server", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common", "p-cpe:/a:canonical:ubuntu_linux:linux-server", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-752-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36418", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-752-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36418);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\");\n script_bugtraq_id(33113, 33846, 33948, 33951, 34020);\n script_xref(name:\"USN\", value:\"752-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NFS did not correctly handle races between fcntl and interrupts. A\nlocal attacker on an NFS mount could consume unlimited kernel memory,\nleading to a denial of service. (CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker\ncould cause a system panic, leading to a denial of service.\n(CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to\nparent processes, crossing privilege boundaries. A local attacker\ncould send arbitrary signals to parent processes, leading to a denial\nof service. (CVE-2009-0028)\n\nThe 64-bit syscall interfaces did not correctly handle sign extension.\nA local attacker could make malicious syscalls, possibly gaining root\nprivileges. The x86_64 architecture was not affected. (CVE-2009-0029)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A\nremote attacker could send specially crafted SCTP traffic causing a\nsystem crash, leading to a denial of service. (CVE-2009-0065)\n\nThe Dell platform device did not correctly validate user parameters. A\nlocal attacker could perform specially crafted reads to crash the\nsystem, leading to a denial of service. (CVE-2009-0322)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not\ncheck capabilities. A local user could reset statistics, potentially\ninterfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A\nlocal attacker could read leaked kernel memory, leading to a loss of\nprivacy. (CVE-2009-0676)\n\nThe syscall interface did not correctly validate parameters when\ncrossing the 64-bit/32-bit boundary. A local attacker could bypass\ncertain syscall restricts via crafted syscalls. (CVE-2009-0834,\nCVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl\ncalls when CONFIG_SHMEM was disabled. Ubuntu kernels were not\nvulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/752-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-752-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware-2.6.15-54\", pkgver:\"3.11+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-control\", pkgver:\"8.25.18+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.25.18+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-686-smp\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-k8-smp\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-386\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-686\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-server\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-386\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-686\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-386\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-686\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-386\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-686\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-amd64-generic\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-amd64-k8\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx\", pkgver:\"1.0.8776+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.8776+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7174+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7174+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.8776+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7174+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.0.0-8.25.18+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.0.0-8.25.18+2.6.15.12-54.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avm-fritz-firmware / avm-fritz-firmware-2.6.15-54 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:01:54", "description": "Update to kernel 2.6.27.24:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.23 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.24 Includes ext4 bug fixes from Fedora 11. Updates the atl2 network driver to version 2.0.5\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-05-26T00:00:00", "type": "nessus", "title": "Fedora 10 : kernel-2.6.27.24-170.2.68.fc10 (2009-5356)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1242", "CVE-2009-1337", "CVE-2009-1439", "CVE-2009-1633"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-5356.NASL", "href": "https://www.tenable.com/plugins/nessus/38906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5356.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38906);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1242\", \"CVE-2009-1337\", \"CVE-2009-1439\", \"CVE-2009-1633\");\n script_bugtraq_id(34405, 34453, 34612);\n script_xref(name:\"FEDORA\", value:\"2009-5356\");\n\n script_name(english:\"Fedora 10 : kernel-2.6.27.24-170.2.68.fc10 (2009-5356)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.27.24:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.23\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.24\nIncludes ext4 bug fixes from Fedora 11. Updates the atl2 network\ndriver to version 2.0.5\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ba7d6425\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.23\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4faa1f7f\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.24\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5f5b64f7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493771\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=496572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=502109\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-May/024027.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a46328f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kernel-2.6.27.24-170.2.68.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:15:05", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n(CVE-2009-1337)\n\nThe selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184)\n\ndrivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\nInteger overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes garbage memory to be sent. (CVE-2009-1265)\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:119)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1265", "CVE-2009-1337"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-server-latest", "p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nouveau-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nouveau-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nouveau-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-119.NASL", "href": "https://www.tenable.com/plugins/nessus/48145", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:119. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48145);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1265\", \"CVE-2009-1337\");\n script_bugtraq_id(34405, 34654, 34673);\n script_xref(name:\"MDVSA\", value:\"2009:119\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:119)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe exit_notify function in kernel/exit.c in the Linux kernel before\n2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability\nis held, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n(CVE-2009-1337)\n\nThe selinux_ip_postroute_iptables_compat function in\nsecurity/selinux/hooks.c in the SELinux subsystem in the Linux kernel\nbefore 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is\nenabled, omits calls to avc_has_perm for the (1) node and (2) port,\nwhich allows local users to bypass intended restrictions on network\ntraffic. NOTE: this was incorrectly reported as an issue fixed in\n2.6.27.21. (CVE-2009-1184)\n\ndrivers/char/agp/generic.c in the agp subsystem in the Linux kernel\nbefore 2.6.30-rc3 does not zero out pages that may later be available\nto a user-space process, which allows local users to obtain sensitive\ninformation by reading these pages. (CVE-2009-1192)\n\nInteger overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux\nkernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow\nremote attackers to obtain sensitive information via a large length\nvalue, which causes garbage memory to be sent. (CVE-2009-1265)\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-2.6.29.3-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-2.6.29.3-desktop-1mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"broadcom-wl-kernel-2.6.29.3-desktop586-1mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-2.6.29.3-server-1mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-desktop-latest-5.10.79.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"broadcom-wl-kernel-desktop586-latest-5.10.79.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-server-latest-5.10.79.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-2.6.29.3-desktop-1mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"em8300-kernel-2.6.29.3-desktop586-1mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-2.6.29.3-server-1mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-desktop-latest-0.17.2-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"em8300-kernel-desktop586-latest-0.17.2-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-server-latest-0.17.2-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.3-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.3-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.3-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-2.6.29.3-desktop-1mnb-8.600-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.29.3-desktop586-1mnb-8.600-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-2.6.29.3-server-1mnb-8.600-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-desktop-latest-8.600-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.600-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-server-latest-8.600-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.3-desktop-1mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.3-server-1mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.18-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.18-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.18-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-2.6.29.3-desktop-1mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.29.3-desktop586-1mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-2.6.29.3-server-1mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-desktop-latest-7.80.02.03-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.80.02.03-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-server-latest-7.80.02.03-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-2.6.29.3-desktop-1mnb-1.2-3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hso-kernel-2.6.29.3-desktop586-1mnb-1.2-3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-2.6.29.3-server-1mnb-1.2-3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-desktop-latest-1.2-1.20090515.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090515.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-server-latest-1.2-1.20090515.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-devel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-devel-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-doc-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-devel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-devel-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-source-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-source-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-2.6.29.3-desktop-1mnb-1.4.0pre1-4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.29.3-desktop586-1mnb-1.4.0pre1-4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-2.6.29.3-server-1mnb-1.4.0pre1-4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090515.4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090515.4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090515.4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-2.6.29.3-desktop-1mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libafs-kernel-2.6.29.3-desktop586-1mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-2.6.29.3-server-1mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-desktop-latest-1.4.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libafs-kernel-desktop586-latest-1.4.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-server-latest-1.4.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-2.6.29.3-desktop-1mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lirc-kernel-2.6.29.3-desktop586-1mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-2.6.29.3-server-1mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-desktop-latest-0.8.5-1.20090515.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.5-1.20090515.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-server-latest-0.8.5-1.20090515.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-2.6.29.3-desktop-1mnb-4.43-27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lzma-kernel-2.6.29.3-desktop586-1mnb-4.43-27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-2.6.29.3-server-1mnb-4.43-27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090515.27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090515.27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-server-latest-4.43-1.20090515.27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-2.6.29.3-desktop-1mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.29.3-desktop586-1mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-2.6.29.3-server-1mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090515.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090515.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090515.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb-2.6.26-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb-2.6.26-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-2.6.29.3-server-1mnb-2.6.26-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-desktop-latest-2.6.26-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"netfilter-rtsp-kernel-desktop586-latest-2.6.26-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-server-latest-2.6.26-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-2.6.29.3-desktop-1mnb-0.0.12-0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nouveau-kernel-2.6.29.3-desktop586-1mnb-0.0.12-0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-2.6.29.3-server-1mnb-0.0.12-0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-desktop-latest-0.0.12-1.20090515.0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nouveau-kernel-desktop586-latest-0.0.12-1.20090515.0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-server-latest-0.0.12-1.20090515.0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-2.6.29.3-desktop-1mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.29.3-desktop586-1mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-2.6.29.3-server-1mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-desktop-latest-180.51-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-180.51-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-server-latest-180.51-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-2.6.29.3-desktop-1mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.29.3-desktop586-1mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-2.6.29.3-server-1mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-desktop-latest-173.14.18-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.18-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-server-latest-173.14.18-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-2.6.29.3-desktop-1mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.29.3-desktop586-1mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-2.6.29.3-server-1mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.11-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.11-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-server-latest-96.43.11-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-2.6.29.3-desktop-1mnb-0.4.2a-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.29.3-desktop586-1mnb-0.4.2a-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-2.6.29.3-server-1mnb-0.4.2a-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-2.6.29.3-desktop-1mnb-1.4.0.0-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.29.3-desktop586-1mnb-1.4.0.0-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-2.6.29.3-server-1mnb-1.4.0.0-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-desktop-latest-1.4.0.0-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.4.0.0-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-server-latest-1.4.0.0-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.3-desktop-1mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.3-desktop586-1mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.3-server-1mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090515.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090515.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090515.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-2.6.29.3-desktop-1mnb-3.4-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-kernel-2.6.29.3-desktop586-1mnb-3.4-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-2.6.29.3-server-1mnb-3.4-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-desktop-latest-3.4-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-kernel-desktop586-latest-3.4-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-server-latest-3.4-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-2.6.29.3-desktop-1mnb-3.3-10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb-3.3-10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-2.6.29.3-server-1mnb-3.3-10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090515.10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090515.10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090515.10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.29.3-desktop-1mnb-1.3.1-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.29.3-desktop586-1mnb-1.3.1-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.29.3-server-1mnb-1.3.1-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-desktop-latest-1.3.1-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-desktop586-latest-1.3.1-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-server-latest-1.3.1-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-2.6.29.3-desktop-1mnb-0.40-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.29.3-desktop586-1mnb-0.40-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-2.6.29.3-server-1mnb-0.40-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-desktop-latest-0.40-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.40-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-server-latest-0.40-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-2.6.29.3-desktop-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vboxadditions-kernel-2.6.29.3-desktop586-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-2.6.29.3-server-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-desktop-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vboxadditions-kernel-desktop586-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-server-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-2.6.29.3-desktop-1mnb-1.2.1-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vhba-kernel-2.6.29.3-desktop586-1mnb-1.2.1-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-2.6.29.3-server-1mnb-1.2.1-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-desktop-latest-1.2.1-1.20090519.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.2.1-1.20090519.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-server-latest-1.2.1-1.20090519.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-2.6.29.3-desktop-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.29.3-desktop586-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-2.6.29.3-server-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-desktop-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-server-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-2.6.29.3-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.29.3-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-2.6.29.3-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T15:01:13", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0835 Roland McGrath discovered an issue on amd64 kernels with CONFIG_SECCOMP enabled. By making a specially crafted syscall, local users can bypass access restrictions.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046 Mikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n - CVE-2009-1072 Igor Zhbanov reported that nfsd was not properly dropping CAP_MKNOD, allowing users to create device nodes on file systems exported with root_squash.\n\n - CVE-2009-1184 Dan Carpenter reported a coding issue in the selinux subsystem that allows local users to bypass certain networking checks when running with compat_net=1.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem they may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1242 Benjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1338 Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-18T00:00:00", "type": "nessus", "title": "Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0028", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1800.NASL", "href": "https://www.tenable.com/plugins/nessus/38795", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1800. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38795);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_bugtraq_id(33672, 33948, 33951, 34020, 34205, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1800\");\n\n script_name(english:\"Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0835\n Roland McGrath discovered an issue on amd64 kernels with\n CONFIG_SECCOMP enabled. By making a specially crafted\n syscall, local users can bypass access restrictions.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046\n Mikulas Patocka reported an issue in the console\n subsystem that allows a local user to cause memory\n corruption by selecting a small number of 3-byte UTF-8\n characters.\n\n - CVE-2009-1072\n Igor Zhbanov reported that nfsd was not properly\n dropping CAP_MKNOD, allowing users to create device\n nodes on file systems exported with root_squash.\n\n - CVE-2009-1184\n Dan Carpenter reported a coding issue in the selinux\n subsystem that allows local users to bypass certain\n networking checks when running with compat_net=1.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem they\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1242\n Benjamin Gilbert reported a local denial of service\n vulnerability in the KVM VMX implementation that allows\n local users to trigger an oops.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1338\n Daniel Hokka Zakrisson discovered that a kill(-1) is\n permitted to reach processes outside of the current\n process namespace.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1800\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in future updates to linux-2.6 and\nlinux-2.6.24.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"linux-doc-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-486\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-4kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-5kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-alpha\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-arm\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-armel\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-hppa\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-i386\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-ia64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mips\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mipsel\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-sparc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-generic\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-legacy\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-openvz\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-vserver\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-xen\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-footbridge\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-iop32x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-ixp4xx\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-orion5x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r4k-ip22\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-ip32\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-versatile\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-486\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-4kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-5kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-legacy\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-footbridge\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-iop32x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-ixp4xx\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-orion5x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r4k-ip22\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-ip32\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390-tape\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-versatile\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-libc-dev\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-manual-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-patch-debian-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-source-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-support-2.6.26-2\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-tree-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"user-mode-linux\", reference:\"2.6.26-1um-2+15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:03:25", "description": "This kernel update for openSUSE 10.3 fixes some bugs and several security problems.\n\nThe following security issues are fixed: A local denial of service problem in the splice(2) system call.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness).\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c in the Linux kernel does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.\n\nSome other non-security bugs were fixed, please see the RPM changelog.", "cvss3": {}, "published": "2009-06-09T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-6274)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4554", "CVE-2008-5702", "CVE-2009-0028", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_KERNEL-6274.NASL", "href": "https://www.tenable.com/plugins/nessus/39335", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-6274.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39335);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4554\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-6274)\");\n script_summary(english:\"Check for the kernel-6274 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for openSUSE 10.3 fixes some bugs and several\nsecurity problems.\n\nThe following security issues are fixed: A local denial of service\nproblem in the splice(2) system call.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on\nthe x86_64 platform did not properly handle (1) a 32-bit process\nmaking a 64-bit syscall or (2) a 64-bit process making a 32-bit\nsyscall, which allows local users to bypass certain syscall audit\nconfigurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD\ncapability before handling a user request in a thread, which allows\nlocal users to create device nodes, as demonstrated on a filesystem\nthat has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in\nthe seccomp subsystem in the Linux kernel on the x86_64 platform, when\nCONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit\nprocess making a 64-bit syscall or (2) a 64-bit process making a\n32-bit syscall, which allows local users to bypass intended access\nrestrictions via crafted syscalls that are misinterpreted as (a) stat\nor (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the\nLinux kernel 2.6.29 and earlier allows remote attackers to cause a\ndenial of service (crash) or potential code execution via a long\nnativeFileSystem field in a Tree Connect response to an SMB mount\nrequest.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm\nsubsystem in the Linux kernel, when CONFIG_SHMEM is disabled,\nmisinterprets the data type of an inode, which allows local users to\ncause a denial of service (system hang) via an SHM_INFO shmctl call,\nas demonstrated by running the ipcs program. (SUSE is enabling\nCONFIG_SHMEM, so is by default not affected, the fix is just for\ncompleteness).\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local\nusers to send arbitrary signals to a parent process from an\nunprivileged child process by launching an additional child process\nwith the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the\nLinux kernel does not initialize a certain structure member, which\nallows local users to obtain potentially sensitive information from\nkernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows\nlocal users to cause a denial of service (system crash) via a read\nsystem call that specifies zero bytes from the (1) image_type or (2)\npacket_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the\nLinux kernel allows local users to cause a denial of service (fault or\nmemory corruption), or possibly have unspecified other impact, via a\nreadlink call that results in an error, leading to use of a -1 return\nvalue as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the\nStream Control Transmission Protocol (sctp) implementation in the\nLinux kernel allows remote attackers to have an unknown impact via an\nFWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c in the Linux kernel might allow local\nusers to have an unknown impact via a certain /dev/watchdog\nWDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c in the Linux\nkernel does not reject file descriptors that have the O_APPEND flag\nset, which allows local users to bypass append mode and make arbitrary\nchanges to other locations in the file.\n\nSome other non-security bugs were fixed, please see the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-21T14:26:10", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n - CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc.\n\n - CVE-2008-5395 Helge Deller discovered a denial of service condition that allows local users on PA-RISC systems to crash a system by attempting to unwind a stack containing userspace addresses.\n\n - CVE-2008-5700 Alan Cox discovered a lack of minimum timeouts on SG_IO requests, which allows local users of systems using ATA to cause a denial of service by forcing drives into PIO mode.\n\n - CVE-2008-5701 Vlad Malov reported an issue on 64-bit MIPS systems where a local user could cause a system crash by crafing a malicious binary which makes o32 syscalls with a number less than 4000.\n\n - CVE-2008-5702 Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n - CVE-2009-0269 Duane Griffin provided a fix for an issue in the eCryptfs subsystem which allows local users to cause a denial of service (fault or memory corruption).\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0745 Peter Kerwien discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) during a resize operation.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046 Mikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1242 Benjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1338 Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-04T00:00:00", "type": "nessus", "title": "Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-5079", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5701", "CVE-2008-5702", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0834", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1787.NASL", "href": "https://www.tenable.com/plugins/nessus/38668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1787. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38668);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5079\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_bugtraq_id(32676, 33113, 33672, 33846, 33951, 34020, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1787\");\n\n script_name(english:\"Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-4307\n Bryn M. Reeves reported a denial of service in the NFS\n filesystem. Local users can trigger a kernel BUG() due\n to a race condition in the do_setlk function.\n\n - CVE-2008-5079\n Hugo Dias reported a DoS condition in the ATM subsystem\n that can be triggered by a local user by calling the\n svc_listen function twice on the same socket and reading\n /proc/net/atm/*vc.\n\n - CVE-2008-5395\n Helge Deller discovered a denial of service condition\n that allows local users on PA-RISC systems to crash a\n system by attempting to unwind a stack containing\n userspace addresses.\n\n - CVE-2008-5700\n Alan Cox discovered a lack of minimum timeouts on SG_IO\n requests, which allows local users of systems using ATA\n to cause a denial of service by forcing drives into PIO\n mode.\n\n - CVE-2008-5701\n Vlad Malov reported an issue on 64-bit MIPS systems\n where a local user could cause a system crash by crafing\n a malicious binary which makes o32 syscalls with a\n number less than 4000.\n\n - CVE-2008-5702\n Zvonimir Rakamaric reported an off-by-one error in the\n ib700wdt watchdog driver which allows local users to\n cause a buffer underflow by making a specially crafted\n WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all of kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users,\n permitting remote code execution.\n\n - CVE-2009-0269\n Duane Griffin provided a fix for an issue in the\n eCryptfs subsystem which allows local users to cause a\n denial of service (fault or memory corruption).\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0745\n Peter Kerwien discovered an issue in the ext4 filesystem\n that allows local users to cause a denial of service\n (kernel oops) during a resize operation.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046\n Mikulas Patocka reported an issue in the console\n subsystem that allows a local user to cause memory\n corruption by selecting a small number of 3-byte UTF-8\n characters.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem that\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1242\n Benjamin Gilbert reported a local denial of service\n vulnerability in the KVM VMX implementation that allows\n local users to trigger an oops.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1338\n Daniel Hokka Zakrisson discovered that a kill(-1) is\n permitted to reach processes outside of the current\n process namespace.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1787\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the oldstable distribution (etch), these problems have been fixed\nin version 2.6.24-6~etchnhalf.8etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-13T14:59:28", "description": "Igor Zhbanov discovered that NFS clients were able to create device nodes even when root_squash was enabled. An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1072)\n\nDan Carpenter discovered that SELinux did not correctly handle certain network checks when running with compat_net=1. A local attacker could exploit this to bypass network checks. Default Ubuntu installations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were affected.\n(CVE-2009-1184)\n\nShaohua Li discovered that memory was not correctly initialized in the AGP subsystem. A local attacker could potentially read kernel memory, leading to a loss of privacy. (CVE-2009-1192)\n\nBenjamin Gilbert discovered that the VMX implementation of KVM did not correctly handle certain registers. An attacker in a guest VM could exploit this to cause a host system crash, leading to a denial of service. This only affected 32bit hosts. Ubuntu 6.06 was not affected.\n(CVE-2009-1242)\n\nThomas Pollet discovered that the Amateur Radio X.25 Packet Layer Protocol did not correctly validate certain fields. A remote attacker could exploit this to read kernel memory, leading to a loss of privacy. (CVE-2009-1265)\n\nTrond Myklebust discovered that NFS did not correctly handle certain long filenames. An authenticated remote attacker could exploit this to cause a system crash, leading to a denial of service. Only Ubuntu 6.06 was affected. (CVE-2009-1336)\n\nOleg Nesterov discovered that the kernel did not correctly handle CAP_KILL. A local user could exploit this to send signals to arbitrary processes, leading to a denial of service. (CVE-2009-1337)\n\nDaniel Hokka Zakrisson discovered that signal handling was not correctly limited to process namespaces. A local user could bypass namespace restrictions, possibly leading to a denial of service. Only Ubuntu 8.04 was affected. (CVE-2009-1338)\n\nPavel Emelyanov discovered that network namespace support for IPv6 was not correctly handled. A remote attacker could send specially crafted IPv6 traffic that would cause a system crash, leading to a denial of service. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360)\n\nNeil Horman discovered that the e1000 network driver did not correctly validate certain fields. A remote attacker could send a specially crafted packet that would cause a system crash, leading to a denial of service. (CVE-2009-1385)\n\nPavan Naregundi discovered that CIFS did not correctly check lengths when handling certain mount requests. A remote attacker could send specially crafted traffic to cause a system crash, leading to a denial of service. (CVE-2009-1439)\n\nSimon Vallet and Frank Filz discovered that execute permissions were not correctly handled by NFSv4. A local user could bypass permissions and run restricted programs, possibly leading to an escalation of privileges. (CVE-2009-1630)\n\nJeff Layton and Suresh Jayaraman discovered buffer overflows in the CIFS client code. A malicious remote server could exploit this to cause a system crash or execute arbitrary code as root.\n(CVE-2009-1633)\n\nMikulas Patocka discovered that /proc/iomem was not correctly initialized on Sparc. A local attacker could use this file to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2009-1914)\n\nMiklos Szeredi discovered that OCFS2 did not correctly handle certain splice operations. A local attacker could exploit this to cause a system hang, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2009-1961).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-07-02T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-793-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1336", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1360", "CVE-2009-1385", "CVE-2009-1439", "CVE-2009-1630", "CVE-2009-1633", "CVE-2009-1914", "CVE-2009-1961"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.28", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.28", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-793-1.NASL", "href": "https://www.tenable.com/plugins/nessus/39586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-793-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39586);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1360\", \"CVE-2009-1385\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1914\", \"CVE-2009-1961\");\n script_bugtraq_id(34205, 34405, 34453, 34612, 34654, 34673, 34934, 35143, 35185);\n script_xref(name:\"USN\", value:\"793-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-793-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Igor Zhbanov discovered that NFS clients were able to create device\nnodes even when root_squash was enabled. An authenticated remote\nattacker could create device nodes with open permissions, leading to a\nloss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04\nwere affected. (CVE-2009-1072)\n\nDan Carpenter discovered that SELinux did not correctly handle certain\nnetwork checks when running with compat_net=1. A local attacker could\nexploit this to bypass network checks. Default Ubuntu installations do\nnot enable SELinux, and only Ubuntu 8.10 and 9.04 were affected.\n(CVE-2009-1184)\n\nShaohua Li discovered that memory was not correctly initialized in the\nAGP subsystem. A local attacker could potentially read kernel memory,\nleading to a loss of privacy. (CVE-2009-1192)\n\nBenjamin Gilbert discovered that the VMX implementation of KVM did not\ncorrectly handle certain registers. An attacker in a guest VM could\nexploit this to cause a host system crash, leading to a denial of\nservice. This only affected 32bit hosts. Ubuntu 6.06 was not affected.\n(CVE-2009-1242)\n\nThomas Pollet discovered that the Amateur Radio X.25 Packet Layer\nProtocol did not correctly validate certain fields. A remote attacker\ncould exploit this to read kernel memory, leading to a loss of\nprivacy. (CVE-2009-1265)\n\nTrond Myklebust discovered that NFS did not correctly handle certain\nlong filenames. An authenticated remote attacker could exploit this to\ncause a system crash, leading to a denial of service. Only Ubuntu 6.06\nwas affected. (CVE-2009-1336)\n\nOleg Nesterov discovered that the kernel did not correctly handle\nCAP_KILL. A local user could exploit this to send signals to arbitrary\nprocesses, leading to a denial of service. (CVE-2009-1337)\n\nDaniel Hokka Zakrisson discovered that signal handling was not\ncorrectly limited to process namespaces. A local user could bypass\nnamespace restrictions, possibly leading to a denial of service. Only\nUbuntu 8.04 was affected. (CVE-2009-1338)\n\nPavel Emelyanov discovered that network namespace support for IPv6 was\nnot correctly handled. A remote attacker could send specially crafted\nIPv6 traffic that would cause a system crash, leading to a denial of\nservice. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360)\n\nNeil Horman discovered that the e1000 network driver did not correctly\nvalidate certain fields. A remote attacker could send a specially\ncrafted packet that would cause a system crash, leading to a denial of\nservice. (CVE-2009-1385)\n\nPavan Naregundi discovered that CIFS did not correctly check lengths\nwhen handling certain mount requests. A remote attacker could send\nspecially crafted traffic to cause a system crash, leading to a denial\nof service. (CVE-2009-1439)\n\nSimon Vallet and Frank Filz discovered that execute permissions were\nnot correctly handled by NFSv4. A local user could bypass permissions\nand run restricted programs, possibly leading to an escalation of\nprivileges. (CVE-2009-1630)\n\nJeff Layton and Suresh Jayaraman discovered buffer overflows in the\nCIFS client code. A malicious remote server could exploit this to\ncause a system crash or execute arbitrary code as root.\n(CVE-2009-1633)\n\nMikulas Patocka discovered that /proc/iomem was not correctly\ninitialized on Sparc. A local attacker could use this file to crash\nthe system, leading to a denial of service. Ubuntu 6.06 was not\naffected. (CVE-2009-1914)\n\nMiklos Szeredi discovered that OCFS2 did not correctly handle certain\nsplice operations. A local attacker could exploit this to cause a\nsystem hang, leading to a denial of service. Ubuntu 6.06 was not\naffected. (CVE-2009-1961).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/793-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 20, 119, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.28\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1360\", \"CVE-2009-1385\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1914\", \"CVE-2009-1961\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-793-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-386\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-686\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-386\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-686\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-386\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-generic\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-openvz\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-rt\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-server\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-virtual\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-xen\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-386\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-generic\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-lpia\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-lpiacompat\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-openvz\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-rt\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-server\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-virtual\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-xen\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-386\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-generic\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-server\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-virtual\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-14\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-14-generic\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-14-server\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-14-generic\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-14-server\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-14-virtual\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-doc-2.6.28\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-13\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-13-generic\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-13-server\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-generic\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-lpia\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-server\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-versatile\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-virtual\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-source-2.6.28\", pkgver:\"2.6.28-13.45\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:06:35", "description": "This kernel update for openSUSE 11.0 fixes some bugs and several security problems.\n\nThe following security issues are fixed: A local denial of service problem in the splice(2) system call.\n\nCVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness).\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an 'inverted logic' issue.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nSome other non-security bugs were fixed, please see the RPM changelog.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-951)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0028", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:acerhk-kmp-debug", "p-cpe:/a:novell:opensuse:acx-kmp-debug", "p-cpe:/a:novell:opensuse:appleir-kmp-debug", "p-cpe:/a:novell:opensuse:at76_usb-kmp-debug", "p-cpe:/a:novell:opensuse:atl2-kmp-debug", "p-cpe:/a:novell:opensuse:aufs-kmp-debug", "p-cpe:/a:novell:opensuse:dazuko-kmp-debug", "p-cpe:/a:novell:opensuse:drbd-kmp-debug", "p-cpe:/a:novell:opensuse:gspcav-kmp-debug", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug", "p-cpe:/a:novell:opensuse:ivtv-kmp-debug", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kqemu-kmp-debug", "p-cpe:/a:novell:opensuse:nouveau-kmp-debug", "p-cpe:/a:novell:opensuse:omnibook-kmp-debug", "p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug", "p-cpe:/a:novell:opensuse:pcfclock-kmp-debug", "p-cpe:/a:novell:opensuse:tpctl-kmp-debug", "p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug", "p-cpe:/a:novell:opensuse:vmware-kmp-debug", "p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-090602.NASL", "href": "https://www.tenable.com/plugins/nessus/40012", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-951.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40012);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\", \"CVE-2009-1630\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-951)\");\n script_summary(english:\"Check for the kernel-951 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for openSUSE 11.0 fixes some bugs and several\nsecurity problems.\n\nThe following security issues are fixed: A local denial of service\nproblem in the splice(2) system call.\n\nCVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the NFS\nclient implementation in the Linux kernel when atomic_open is\navailable, does not check execute (aka EXEC or MAY_EXEC) permission\nbits, which allows local users to bypass permissions and execute\nfiles, as demonstrated by files on an NFSv4 fileserver.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on\nthe x86_64 platform did not properly handle (1) a 32-bit process\nmaking a 64-bit syscall or (2) a 64-bit process making a 32-bit\nsyscall, which allows local users to bypass certain syscall audit\nconfigurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD\ncapability before handling a user request in a thread, which allows\nlocal users to create device nodes, as demonstrated on a filesystem\nthat has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in\nthe seccomp subsystem in the Linux kernel on the x86_64 platform, when\nCONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit\nprocess making a 64-bit syscall or (2) a 64-bit process making a\n32-bit syscall, which allows local users to bypass intended access\nrestrictions via crafted syscalls that are misinterpreted as (a) stat\nor (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the\nLinux kernel 2.6.29 and earlier allows remote attackers to cause a\ndenial of service (crash) or potential code execution via a long\nnativeFileSystem field in a Tree Connect response to an SMB mount\nrequest.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm\nsubsystem in the Linux kernel, when CONFIG_SHMEM is disabled,\nmisinterprets the data type of an inode, which allows local users to\ncause a denial of service (system hang) via an SHM_INFO shmctl call,\nas demonstrated by running the ipcs program. (SUSE is enabling\nCONFIG_SHMEM, so is by default not affected, the fix is just for\ncompleteness).\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the\nVMX implementation in the KVM subsystem in the Linux kernel on the\ni386 platform allows guest OS users to cause a denial of service\n(OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the\nExtended Feature Enable Register (EFER) model-specific register, which\nis specific to the x86_64 platform.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local\nusers to send arbitrary signals to a parent process from an\nunprivileged child process by launching an additional child process\nwith the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in\nthe Linux kernel permits SKFP_CLR_STATS requests only when the\nCAP_NET_ADMIN capability is absent, instead of when this capability is\npresent, which allows local users to reset the driver statistics,\nrelated to an 'inverted logic' issue.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the\nLinux kernel does not initialize a certain structure member, which\nallows local users to obtain potentially sensitive information from\nkernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows\nlocal users to cause a denial of service (system crash) via a read\nsystem call that specifies zero bytes from the (1) image_type or (2)\npacket_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the\nLinux kernel allows local users to cause a denial of service (fault or\nmemory corruption), or possibly have unspecified other impact, via a\nreadlink call that results in an error, leading to use of a -1 return\nvalue as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the\nStream Control Transmission Protocol (sctp) implementation in the\nLinux kernel allows remote attackers to have an unknown impact via an\nFWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nSome other non-security bugs were fixed, please see the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=399966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=407523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=429484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=462365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=463522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=470942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=470943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=478002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=478003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=482720\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497551\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503353\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acerhk-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acx-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:appleir-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:at76_usb-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:atl2-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gspcav-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ivtv-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nouveau-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:omnibook-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tpctl-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acerhk-kmp-debug-0.5.35_2.6.25.20_0.4-98.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acx-kmp-debug-20080210_2.6.25.20_0.4-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"appleir-kmp-debug-1.1_2.6.25.20_0.4-108.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"at76_usb-kmp-debug-0.17_2.6.25.20_0.4-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"atl2-kmp-debug-2.0.4_2.6.25.20_0.4-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"aufs-kmp-debug-cvs20080429_2.6.25.20_0.4-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dazuko-kmp-debug-2.3.4.4_2.6.25.20_0.4-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"drbd-kmp-debug-8.2.6_2.6.25.20_0.4-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"gspcav-kmp-debug-01.00.20_2.6.25.20_0.4-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"iscsitarget-kmp-debug-0.4.15_2.6.25.20_0.4-63.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ivtv-kmp-debug-1.0.3_2.6.25.20_0.4-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kqemu-kmp-debug-1.3.0pre11_2.6.25.20_0.4-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"nouveau-kmp-debug-0.10.1.20081112_2.6.25.20_0.4-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"omnibook-kmp-debug-20080313_2.6.25.20_0.4-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pcc-acpi-kmp-debug-0.9_2.6.25.20_0.4-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pcfclock-kmp-debug-0.44_2.6.25.20_0.4-207.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tpctl-kmp-debug-4.17_2.6.25.20_0.4-189.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"uvcvideo-kmp-debug-r200_2.6.25.20_0.4-2.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"virtualbox-ose-kmp-debug-1.5.6_2.6.25.20_0.4-33.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"vmware-kmp-debug-2008.04.14_2.6.25.20_0.4-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wlan-ng-kmp-debug-0.2.8_2.6.25.20_0.4-107.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acerhk-kmp-debug / acx-kmp-debug / appleir-kmp-debug / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:11:21", "description": "The Linux kernel on SUSE Linux Enterprise 11 was updated to 2.6.27.23 and received lots of bugs and security fixes.\n\nThe following security issues have been fixed :\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n (CVE-2009-1337)\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent. (CVE-2009-1265)\n\n - The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform. (CVE-2009-1242)\n\n - The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets. (CVE-2009-1360)\n\n - drivers/char/agp/generic.c in the agp subsystem in the Linux kernel does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 927 / 929 / 930)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1360", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-vmi", "p-cpe:/a:novell:suse_linux:11:kernel-vmi-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-090527.NASL", "href": "https://www.tenable.com/plugins/nessus/41411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41411);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1360\", \"CVE-2009-1439\");\n\n script_name(english:\"SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 927 / 929 / 930)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel on SUSE Linux Enterprise 11 was updated to 2.6.27.23\nand received lots of bugs and security fixes.\n\nThe following security issues have been fixed :\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the\n Linux kernel 2.6.29 and earlier allows remote attackers\n to cause a denial of service (crash) or potential code\n execution via a long nativeFileSystem field in a Tree\n Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux\n kernel did not restrict exit signals when the CAP_KILL\n capability is held, which allows local users to send an\n arbitrary signal to a process by running a program that\n modifies the exit_signal field and then uses an exec\n system call to launch a setuid application.\n (CVE-2009-1337)\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\n the Linux kernel might allow attackers to obtain\n sensitive information via a large length value, which\n causes 'garbage' memory to be sent. (CVE-2009-1265)\n\n - The vmx_set_msr function in arch/x86/kvm/vmx.c in the\n VMX implementation in the KVM subsystem in the Linux\n kernel on the i386 platform allows guest OS users to\n cause a denial of service (OOPS) by setting the EFER_LME\n (aka 'Long mode enable') bit in the Extended Feature\n Enable Register (EFER) model-specific register, which is\n specific to the x86_64 platform. (CVE-2009-1242)\n\n - The __inet6_check_established function in\n net/ipv6/inet6_hashtables.c in the Linux kernel, when\n Network Namespace Support (aka NET_NS) is enabled,\n allows remote attackers to cause a denial of service\n (NULL pointer dereference and system crash) via vectors\n involving IPv6 packets. (CVE-2009-1360)\n\n - drivers/char/agp/generic.c in the agp subsystem in the\n Linux kernel does not zero out pages that may later be\n available to a user-space process, which allows local\n users to obtain sensitive information by reading these\n pages. (CVE-2009-1192)\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=460284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=464360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=467518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=474062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=484931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=494463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1242.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1360.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1439.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 927 / 929 / 930 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-source-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-syms-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-source-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-syms-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ext4dev-kmp-default-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-source-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-syms-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-pae-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-vmi-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-xen-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kernel-default-man-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"ext4dev-kmp-xen-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:58", "description": "This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some security issues. The kernel was also updated to the 2.6.27.23 stable release.\n\nFollowing security issues have been fixed: CVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.\n\nCVE-2009-1360: The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.\n\nCVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the Linux kernel does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM changelog.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-932)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1360", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:aufs-kmp-debug", "p-cpe:/a:novell:opensuse:aufs-kmp-trace", "p-cpe:/a:novell:opensuse:brocade-bfa-kmp-debug", "p-cpe:/a:novell:opensuse:brocade-bfa-kmp-trace", "p-cpe:/a:novell:opensuse:dazuko-kmp-debug", "p-cpe:/a:novell:opensuse:dazuko-kmp-trace", "p-cpe:/a:novell:opensuse:drbd-kmp-debug", "p-cpe:/a:novell:opensuse:drbd-kmp-trace", "p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-debug", "p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-trace", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-trace", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-extra", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-extra", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-extra", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-extra", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-extra", "p-cpe:/a:novell:opensuse:kqemu-kmp-debug", "p-cpe:/a:novell:opensuse:kqemu-kmp-trace", "p-cpe:/a:novell:opensuse:kvm-kmp-trace", "p-cpe:/a:novell:opensuse:lirc-kmp-trace", "p-cpe:/a:novell:opensuse:ofed-kmp-debug", "p-cpe:/a:novell:opensuse:ofed-kmp-trace", "p-cpe:/a:novell:opensuse:oracleasm-kmp-debug", "p-cpe:/a:novell:opensuse:oracleasm-kmp-trace", "p-cpe:/a:novell:opensuse:pcfclock-kmp-debug", "p-cpe:/a:novell:opensuse:pcfclock-kmp-trace", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace", "p-cpe:/a:novell:opensuse:vmware-kmp-debug", "p-cpe:/a:novell:opensuse:vmware-kmp-trace", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_KERNEL-090527.NASL", "href": "https://www.tenable.com/plugins/nessus/40250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-932.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40250);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1360\", \"CVE-2009-1439\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-932)\");\n script_summary(english:\"Check for the kernel-932 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some\nsecurity issues. The kernel was also updated to the 2.6.27.23 stable\nrelease.\n\nFollowing security issues have been fixed: CVE-2009-1439: Buffer\noverflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and\nearlier allows remote attackers to cause a denial of service (crash)\nor potential code execution via a long nativeFileSystem field in a\nTree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the\nVMX implementation in the KVM subsystem in the Linux kernel on the\ni386 platform allows guest OS users to cause a denial of service\n(OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the\nExtended Feature Enable Register (EFER) model-specific register, which\nis specific to the x86_64 platform.\n\nCVE-2009-1360: The __inet6_check_established function in\nnet/ipv6/inet6_hashtables.c in the Linux kernel, when Network\nNamespace Support (aka NET_NS) is enabled, allows remote attackers to\ncause a denial of service (NULL pointer dereference and system crash)\nvia vectors involving IPv6 packets.\n\nCVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the\nLinux kernel does not zero out pages that may later be available to a\nuser-space process, which allows local users to obtain sensitive\ninformation by reading these pages.\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=460284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=464360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=467518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=474062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=484931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=494463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505925\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brocade-bfa-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brocade-bfa-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kvm-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lirc-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ofed-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ofed-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:oracleasm-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:oracleasm-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"aufs-kmp-debug-cvs20081020_2.6.27.23_0.1-1.32.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"aufs-kmp-trace-cvs20081020_2.6.27.23_0.1-1.32.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"brocade-bfa-kmp-debug-1.1.0.2_2.6.27.23_0.1-1.7.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"brocade-bfa-kmp-trace-1.1.0.2_2.6.27.23_0.1-1.7.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dazuko-kmp-debug-2.3.6_2.6.27.23_0.1-1.49.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dazuko-kmp-trace-2.3.6_2.6.27.23_0.1-1.49.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"drbd-kmp-debug-8.2.7_2.6.27.23_0.1-1.19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"drbd-kmp-trace-8.2.7_2.6.27.23_0.1-1.19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"intel-iamt-heci-kmp-debug-3.1.0.31_2.6.27.23_0.1-2.40.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"intel-iamt-heci-kmp-trace-3.1.0.31_2.6.27.23_0.1-2.40.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"iscsitarget-kmp-debug-0.4.15_2.6.27.23_0.1-89.11.12\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"iscsitarget-kmp-trace-0.4.15_2.6.27.23_0.1-89.11.12\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-source-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-syms-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-vanilla-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kqemu-kmp-debug-1.4.0pre1_2.6.27.23_0.1-2.1.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kqemu-kmp-trace-1.4.0pre1_2.6.27.23_0.1-2.1.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kvm-kmp-trace-78_2.6.27.23_0.1-6.6.20\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"lirc-kmp-trace-0.8.4_2.6.27.23_0.1-0.1.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ofed-kmp-debug-1.4_2.6.27.23_0.1-21.15.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ofed-kmp-trace-1.4_2.6.27.23_0.1-21.15.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"oracleasm-kmp-debug-2.0.5_2.6.27.23_0.1-2.36.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"oracleasm-kmp-trace-2.0.5_2.6.27.23_0.1-2.36.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pcfclock-kmp-debug-0.44_2.6.27.23_0.1-227.56.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pcfclock-kmp-trace-0.44_2.6.27.23_0.1-227.56.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"virtualbox-ose-kmp-debug-2.0.6_2.6.27.23_0.1-2.8.32\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"virtualbox-ose-kmp-trace-2.0.6_2.6.27.23_0.1-2.8.32\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"vmware-kmp-debug-2008.09.03_2.6.27.23_0.1-5.50.25\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"vmware-kmp-trace-2008.09.03_2.6.27.23_0.1-5.50.25\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"kvm-kmp-trace-78_2.6.27.23_0.1-6.6.21\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"virtualbox-ose-kmp-debug-2.0.6_2.6.27.23_0.1-2.8.33\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"virtualbox-ose-kmp-trace-2.0.6_2.6.27.23_0.1-2.8.33\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"aufs-kmp-debug / aufs-kmp-trace / brocade-bfa-kmp-debug / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:57:50", "description": "NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected.\n(CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028)\n\nThe kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service.\n(CVE-2009-0031)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065)\n\nThe eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service.\n(CVE-2009-0269)\n\nThe Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322)\n\nThe page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676)\n\nThe ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-0745)\n\nThe ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748)\n\nThe syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)\n\nThe virtual consoles did not correctly handle certain UTF-8 sequences.\nA local attacker on the physical console could exploit this to cause a system crash, leading to a denial of service. (CVE-2009-1046).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0605", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-751-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37337", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-751-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37337);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0605\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0746\", \"CVE-2009-0747\", \"CVE-2009-0748\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\");\n script_bugtraq_id(33113, 33672, 33846, 33948, 33951, 34020);\n script_xref(name:\"USN\", value:\"751-1\");\n\n script_name(english:\"Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NFS did not correctly handle races between fcntl and interrupts. A\nlocal attacker on an NFS mount could consume unlimited kernel memory,\nleading to a denial of service. Ubuntu 8.10 was not affected.\n(CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker\ncould cause a system panic, leading to a denial of service. Ubuntu\n8.10 was not affected. (CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to\nparent processes, crossing privilege boundaries. A local attacker\ncould send arbitrary signals to parent processes, leading to a denial\nof service. (CVE-2009-0028)\n\nThe kernel keyring did not free memory correctly. A local attacker\ncould consume unlimited kernel memory, leading to a denial of service.\n(CVE-2009-0031)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A\nremote attacker could send specially crafted SCTP traffic causing a\nsystem crash, leading to a denial of service. (CVE-2009-0065)\n\nThe eCryptfs filesystem did not correctly handle certain VFS return\ncodes. A local attacker with write-access to an eCryptfs filesystem\ncould cause a system crash, leading to a denial of service.\n(CVE-2009-0269)\n\nThe Dell platform device did not correctly validate user parameters. A\nlocal attacker could perform specially crafted reads to crash the\nsystem, leading to a denial of service. (CVE-2009-0322)\n\nThe page fault handler could consume stack memory. A local attacker\ncould exploit this to crash the system or gain root privileges with a\nKprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not\ncheck capabilities. A local user could reset statistics, potentially\ninterfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A\nlocal attacker could read leaked kernel memory, leading to a loss of\nprivacy. (CVE-2009-0676)\n\nThe ext4 filesystem did not correctly clear group descriptors when\nresizing. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2009-0745)\n\nThe ext4 filesystem did not correctly validate certain fields. A local\nattacker could mount a malicious ext4 filesystem, causing a system\ncrash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747,\nCVE-2009-0748)\n\nThe syscall interface did not correctly validate parameters when\ncrossing the 64-bit/32-bit boundary. A local attacker could bypass\ncertain syscall restricts via crafted syscalls. (CVE-2009-0834,\nCVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl\ncalls when CONFIG_SHMEM was disabled. Ubuntu kernels were not\nvulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)\n\nThe virtual consoles did not correctly handle certain UTF-8 sequences.\nA local attacker on the physical console could exploit this to cause a\nsystem crash, leading to a denial of service. (CVE-2009-1046).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/751-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0605\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0746\", \"CVE-2009-0747\", \"CVE-2009-0748\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-751-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-386\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-generic\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-openvz\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-rt\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-server\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-virtual\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-xen\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-386\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-generic\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpia\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpiacompat\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-openvz\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-rt\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-server\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-virtual\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-xen\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-386\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-generic\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-server\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-virtual\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-generic\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-server\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-generic\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-server\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-virtual\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-11.31\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.22 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-05T14:12:42", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the IPv6 Extension Header (EH) handling implementation in the Linux kernel. The skb->dst data structure was not properly validated in the ipv6_hop_jumbo() function. This could possibly lead to a remote denial of service. (CVE-2007-4567, Important)\n\n* the possibility of a timeout value overflow was found in the Linux kernel high-resolution timers functionality, hrtimers. This could allow a local, unprivileged user to execute arbitrary code, or cause a denial of service (kernel panic). (CVE-2007-5966, Important)\n\n* memory leaks were found on some error paths in the icmp_send() function in the Linux kernel. This could, potentially, cause the network connectivity to cease. (CVE-2009-0778, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* a flaw was found in the Intel PRO/1000 Linux driver (e1000) in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* a flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being passed to the network stack. These flaws could also possibly be used to trigger a remote denial of service. (CVE-2009-4536, CVE-2009-4538, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. Receiving overly-long frames with a certain revision of the network cards supported by this driver could possibly result in a remote denial of service. (CVE-2009-4537, Important)\n\nNote: This update also fixes several bugs. Documentation for these bug fixes will be available shortly from www.redhat.com/docs/en-US/errata/RHSA-2010-0079/Kernel_Security_Update / index.html\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2010:0079)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4567", "CVE-2007-5966", "CVE-2009-0778", "CVE-2009-0834", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-4536", "CVE-2009-4537", "CVE-2009-4538"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2010-0079.NASL", "href": "https://www.tenable.com/plugins/nessus/63915", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0079. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63915);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4567\", \"CVE-2007-5966\", \"CVE-2009-0778\", \"CVE-2009-0834\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-4536\", \"CVE-2009-4537\", \"CVE-2009-4538\");\n script_bugtraq_id(35647, 37519, 37521, 37523);\n script_xref(name:\"RHSA\", value:\"2010:0079\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2010:0079)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.2 Extended\nUpdate Support.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a flaw was found in the IPv6 Extension Header (EH) handling\nimplementation in the Linux kernel. The skb->dst data structure was\nnot properly validated in the ipv6_hop_jumbo() function. This could\npossibly lead to a remote denial of service. (CVE-2007-4567,\nImportant)\n\n* the possibility of a timeout value overflow was found in the Linux\nkernel high-resolution timers functionality, hrtimers. This could\nallow a local, unprivileged user to execute arbitrary code, or cause a\ndenial of service (kernel panic). (CVE-2007-5966, Important)\n\n* memory leaks were found on some error paths in the icmp_send()\nfunction in the Linux kernel. This could, potentially, cause the\nnetwork connectivity to cease. (CVE-2009-0778, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* a flaw was found in the Intel PRO/1000 Linux driver (e1000) in the\nLinux kernel. Frames with sizes near the MTU of an interface may be\nsplit across multiple hardware receive descriptors. Receipt of such a\nframe could leak through a validation check, leading to a corruption\nof the length check. A remote attacker could use this flaw to send a\nspecially crafted packet that would cause a denial of service or code\nexecution. (CVE-2009-1385, Important)\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared\nwhen a setuid or setgid program was executed. A local, unprivileged\nuser could use this flaw to bypass the mmap_min_addr protection\nmechanism and perform a NULL pointer dereference attack, or bypass the\nAddress Space Layout Randomization (ASLR) security feature.\n(CVE-2009-1895, Important)\n\n* a flaw was found in each of the following Intel PRO/1000 Linux\ndrivers in the Linux kernel: e1000 and e1000e. A remote attacker using\npackets larger than the MTU could bypass the existing fragment check,\nresulting in partial, invalid frames being passed to the network\nstack. These flaws could also possibly be used to trigger a remote\ndenial of service. (CVE-2009-4536, CVE-2009-4538, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. Receiving overly-long frames with a certain revision of the\nnetwork cards supported by this driver could possibly result in a\nremote denial of service. (CVE-2009-4537, Important)\n\nNote: This update also fixes several bugs. Documentation for these bug\nfixes will be available shortly from\nwww.redhat.com/docs/en-US/errata/RHSA-2010-0079/Kernel_Security_Update\n/ index.html\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-4567.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2007-5966.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-0778.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-0834.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-1385.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-1895.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-4536.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-4537.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-4538.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2010-0079.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 189, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"kernel-doc-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.35.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.35.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-16T14:45:05", "description": "CVE-2008-5029 kernel: Unix sockets kernel panic\n\nCVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector\n\nCVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL) check\n\nCVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service\n\nCVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID\n\nCVE-2009-2848 kernel: execve: must clear current->clear_child_tid\n\nCVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks 520300 - kernel: ipv4: make ip_append_data() handle NULL routing table [rhel-3]\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could,potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n - the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n (CVE-2009-1895, Important)\n\n - it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important)\n\n - missing initialization flaws were found in getname() implementations in the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE protocol implementations in the Linux kernel. Certain data structures in these getname() implementations were not initialized properly before being copied to user-space.\n These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n - a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n - this update adds the mmap_min_addr tunable and restriction checks to help prevent unprivileged users from creating new memory mappings below the minimum address. This can help prevent the exploitation of NULL pointer dereference bugs. Note that mmap_min_addr is set to zero (disabled) by default for backwards compatibility. (BZ#512642)\n\n - a bridge reference count problem in IPv6 has been fixed.\n (BZ#457010)\n\n - enforce null-termination of user-supplied arguments to setsockopt(). (BZ#505514)\n\n - the gcc flag '-fno-delete-null-pointer-checks' was added to the kernel build options. This prevents gcc from optimizing out NULL pointer checks after the first use of a pointer. NULL pointer bugs are often exploited by attackers. Keeping these checks is a safety measure.\n (BZ#511185)\n\n - a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#520300)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL3.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2848", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091103_KERNEL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60688);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3547\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2008-5029 kernel: Unix sockets kernel panic\n\nCVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket\ngarbage collector\n\nCVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL)\ncheck\n\nCVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service\n\nCVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID\n\nCVE-2009-2848 kernel: execve: must clear current->clear_child_tid\n\nCVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks\n520300 - kernel: ipv4: make ip_append_data() handle NULL routing table\n[rhel-3]\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This\n could,potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - the sendmsg() function in the Linux kernel did not block\n during UNIX socket garbage collection. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - the exit_notify() function in the Linux kernel did not\n properly reset the exit signal if a process executed a\n set user ID (setuid) application before exiting. This\n could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the Intel PRO/1000 network driver in\n the Linux kernel. Frames with sizes near the MTU of an\n interface may be split across multiple hardware receive\n descriptors. Receipt of such a frame could leak through\n a validation check, leading to a corruption of the\n length check. A remote attacker could use this flaw to\n send a specially crafted packet that would cause a\n denial of service or code execution. (CVE-2009-1385,\n Important)\n\n - the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not\n cleared when a setuid or setgid program was executed. A\n local, unprivileged user could use this flaw to bypass\n the mmap_min_addr protection mechanism and perform a\n NULL pointer dereference attack, or bypass the Address\n Space Layout Randomization (ASLR) security feature.\n (CVE-2009-1895, Important)\n\n - it was discovered that, when executing a new process,\n the clear_child_tid pointer in the Linux kernel is not\n cleared. If this pointer points to a writable portion of\n the memory of the new program, the kernel could corrupt\n four bytes of memory, possibly leading to a local denial\n of service or privilege escalation. (CVE-2009-2848,\n Important)\n\n - missing initialization flaws were found in getname()\n implementations in the IrDA sockets, AppleTalk DDP\n protocol, NET/ROM protocol, and ROSE protocol\n implementations in the Linux kernel. Certain data\n structures in these getname() implementations were not\n initialized properly before being copied to user-space.\n These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n - a NULL pointer dereference flaw was found in each of the\n following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the\n i_pipe pointer could be released by other processes\n before it is used to update the pipe's reader and writer\n counters. This could lead to a local denial of service\n or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n - this update adds the mmap_min_addr tunable and\n restriction checks to help prevent unprivileged users\n from creating new memory mappings below the minimum\n address. This can help prevent the exploitation of NULL\n pointer dereference bugs. Note that mmap_min_addr is set\n to zero (disabled) by default for backwards\n compatibility. (BZ#512642)\n\n - a bridge reference count problem in IPv6 has been fixed.\n (BZ#457010)\n\n - enforce null-termination of user-supplied arguments to\n setsockopt(). (BZ#505514)\n\n - the gcc flag '-fno-delete-null-pointer-checks' was added\n to the kernel build options. This prevents gcc from\n optimizing out NULL pointer checks after the first use\n of a pointer. NULL pointer bugs are often exploited by\n attackers. Keeping these checks is a safety measure.\n (BZ#511185)\n\n - a check has been added to the IPv4 code to make sure\n that rt is not NULL, to help prevent future bugs in\n functions that call ip_append_data() from being\n exploitable. (BZ#520300)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520300\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0911&L=scientific-linux-errata&T=0&P=599\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f8d1106\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"kernel-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-doc-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-source-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-unsupported-2.4.21-63.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T14:57:17", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184)\n\nThe exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n(CVE-2009-1337)\n\nThe (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\nThe ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call. (CVE-2009-0029)\n\nThe __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets. (CVE-20090-1360)\n\nThe inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. (CVE-2009-1961)\n\nInteger underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.\n(CVE-2009-1385)\n\nThe nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. (CVE-2009-1630)\n\nAdditionally, the kernel package was updated to the Linux upstream stable version 2.6.27.24.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-06-18T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:135)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0029", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1360", "CVE-2009-1385", "CVE-2009-1630", "CVE-2009-1961"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.24-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2009-135.NASL", "href": "https://www.tenable.com/plugins/nessus/39444", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:135. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39444);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0029\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1360\", \"CVE-2009-1385\", \"CVE-2009-1630\", \"CVE-2009-1961\");\n script_bugtraq_id(34405, 34654, 34673, 34934, 35143, 35185);\n script_xref(name:\"MDVSA\", value:\"2009:135\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:135)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe selinux_ip_postroute_iptables_compat function in\nsecurity/selinux/hooks.c in the SELinux subsystem in the Linux kernel\nbefore 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is\nenabled, omits calls to avc_has_perm for the (1) node and (2) port,\nwhich allows local users to bypass intended restrictions on network\ntraffic. NOTE: this was incorrectly reported as an issue fixed in\n2.6.27.21. (CVE-2009-1184)\n\nThe exit_notify function in kernel/exit.c in the Linux kernel before\n2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability\nis held, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n(CVE-2009-1337)\n\nThe (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages\nfunctions in drivers/char/agp/generic.c in the agp subsystem in the\nLinux kernel before 2.6.30-rc3 do not zero out pages that may later be\navailable to a user-space process, which allows local users to obtain\nsensitive information by reading these pages. (CVE-2009-1192)\n\nThe ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc,\nsparc64, and mips 64-bit platforms requires that a 32-bit argument in\na 64-bit register was properly sign extended when sent from a\nuser-mode application, but cannot verify this, which allows local\nusers to cause a denial of service (crash) or possibly gain privileges\nvia a crafted system call. (CVE-2009-0029)\n\nThe __inet6_check_established function in net/ipv6/inet6_hashtables.c\nin the Linux kernel before 2.6.29, when Network Namespace Support (aka\nNET_NS) is enabled, allows remote attackers to cause a denial of\nservice (NULL pointer dereference and system crash) via vectors\ninvolving IPv6 packets. (CVE-20090-1360)\n\nThe inode double locking code in fs/ocfs2/file.c in the Linux kernel\n2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before\n2.6.29.4, and possibly other versions down to 2.6.19 allows local\nusers to cause a denial of service (prevention of file creation and\nremoval) via a series of splice system calls that trigger a deadlock\nbetween the generic_file_splice_write, splice_from_pipe, and\nocfs2_file_splice_write functions. (CVE-2009-1961)\n\nInteger underflow in the e1000_clean_rx_irq function in\ndrivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel\nbefore 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel\nWired Ethernet (aka e1000) before 7.5.5 allows remote attackers to\ncause a denial of service (panic) via a crafted frame size.\n(CVE-2009-1385)\n\nThe nfs_permission function in fs/nfs/dir.c in the NFS client\nimplementation in the Linux kernel 2.6.29.3 and earlier, when\natomic_open is available, does not check execute (aka EXEC or\nMAY_EXEC) permission bits, which allows local users to bypass\npermissions and execute files, as demonstrated by files on an NFSv4\nfileserver. (CVE-2009-1630)\n\nAdditionally, the kernel package was updated to the Linux upstream\nstable version 2.6.27.24.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 20, 119, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.24-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.24-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.24-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.24-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090615.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090615.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090615.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.24-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.24-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.24-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20090615.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20090615.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20090615.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.24-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.24-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.24-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20090615.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20090615.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20090615.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.24-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.24-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.24-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090615.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090615.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090615.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.24-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.24-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.24-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20090615.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20090615.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20090615.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.24-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.24-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.24-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.24-desktop-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.24-desktop586-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.24-server-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20090615.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20090615.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20090615.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.24-desktop-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.24-desktop586-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.24-server-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20090615.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20090615.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20090615.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.24-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.24-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.24-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.24-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.24-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.24-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20090615.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20090615.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20090615.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.24-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.24-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.24-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.24-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.24-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090615.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090615.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090615.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.24-desktop-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.24-desktop586-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.24-server-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20090615.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20090615.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20090615.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.24-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.24-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.24-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090615.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090615.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20090615.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.24-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.24-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.24-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090615.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090615.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090615.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.24-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.24-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.24-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20090615.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20090615.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20090615.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.24-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.24-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.24-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20090615.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20090615.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20090615.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.24-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.24-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.24-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.24-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.24-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.24-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.24-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.24-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.24-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20090615.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20090615.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20090615.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.24-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.24-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.24-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20090615.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20090615.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20090615.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.24-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.24-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.24-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090615.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090615.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090615.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.24-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.24-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.24-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.24-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.24-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.24-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20090615.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20090615.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20090615.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.24-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.24-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.24-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.24-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.24-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.24-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.24-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.24-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.24-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20090615.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20090615.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20090615.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.24-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.24-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.24-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090615.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090615.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090615.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.24-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.24-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.24-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090615.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.24-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.24-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.24-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20090615.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.24-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.24-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.24-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.24-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.24-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.24-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.24-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.24-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.24-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20090615.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20090615.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20090615.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.24-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.24-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.24-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20090615.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.24-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.24-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.24-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090615.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090615.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090615.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-13T15:12:34", "description": "a. Service Console update for COS kernel\n\n The service console package kernel is updated to version 2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, and CVE-2009-3547 to the security issues fixed in kernel-2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2698, CVE-2009-2692 to the security issues fixed in kernel-2.4.21-60.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2010-06-28T00:00:00", "type": "nessus", "title": "VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernel", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2692", "CVE-2009-2698", "CVE-2009-2848", "CVE-2009-3002", "CVE-2009-3547"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:3.5"], "id": "VMWARE_VMSA-2010-0010.NASL", "href": "https://www.tenable.com/plugins/nessus/47150", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2010-0010. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47150);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2692\", \"CVE-2009-2698\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\");\n script_bugtraq_id(32154, 34405, 35185, 35647, 35930, 36038, 36108, 36176, 36901);\n script_xref(name:\"VMSA\", value:\"2010-0010\");\n\n script_name(english:\"VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernel\");\n script_summary(english:\"Checks esxupdate output for the patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote VMware ESX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"a. Service Console update for COS kernel\n\n The service console package kernel is updated to version 2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-5029, CVE-2008-5300, CVE-2009-1337,\n CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, and\n CVE-2009-3547 to the security issues fixed in kernel-2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-2698, CVE-2009-2692 to the security\n issues fixed in kernel-2.4.21-60.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2010/000098.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel Sendpage Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribu

OracleVM 2.1 : kernel (OVMSA-2009-0009)

Description

Related