ID REDHAT-RHSA-2012-0349.NASL Type nessus Reporter Tenable Modified 2016-05-26T00:00:00
Description
Red Hat Enterprise Linux 4 reaches end of Production Phase and transitions to Extended Life Phase.
On March 01, 2012, all Red Hat Enterprise Linux 4-based products listed below transition from the Production Phase to the Extended Life Phase :
Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux ES 4 Red Hat Enterprise Linux WS 4 Red Hat Desktop 4 Red Hat Global File System 4 Red Hat Cluster Suite 4
Red Hat offers support and services for each major release of Red Hat Enterprise Linux throughout four phases - Production 1, 2, and 3, and Extended Life Phase. For Red Hat Enterprise Linux 4, the Production Phase spans seven years, followed by a three-year Extended Life Phase. Together, these four phases constitute the 'life cycle'.
The specific support and services provided during each phase is described in detail at: http://redhat.com/rhel/lifecycle
On March 01, 2012, Red Hat Enterprise Linux 4 systems continue to be subscribed to Red Hat Enterprise Linux 4 channels on Red Hat Network (RHN), continue to require a Red Hat Enterprise Linux entitlement, and continue to have access to :
Limited technical support for existing Red Hat Enterprise Linux 4 deployments (for customers with Basic, Premium, or Standard support).
Previously released bug fixes (RHBAs), security errata (RHSAs), and product enhancements (RHEAs) via RHN. Software maintenance (new bug fix and security errata) are no longer provided for the Red Hat Enterprise Linux 4 product family.
Red Hat Knowledgebase and other content (white papers, reference architectures, etc.) found in the Red Hat Customer Portal.
Red Hat Enterprise Linux 4 documentation.
Please also note that new bug fix, security, or product enhancements advisories (RHBAs, RHSAs, and RHEAs) are no longer provided for the Red Hat Enterprise Linux 4 Add-Ons after March 01.
After March 01, you have several options. Your Red Hat subscription gives you continuous access to all active versions of the Red Hat software in both binary and source form, including all security updates and bug fixes. As Red Hat Enterprise Linux 4 transitions out of the Production Phase, we strongly recommend that you take full advantage of your subscription services and upgrade to Red Hat Enterprise Linux 5 or 6, which contain compelling new features and enablement for modern hardware platforms and ISV applications.
If you must remain on Red Hat Enterprise Linux 4, we recommend that you add the Red Hat Enterprise Linux Extended Life Cycle Support (ELS) Add-On subscription to your current Red Hat Enterprise Linux subscription. The ELS Add-On complements your Red Hat Enterprise Linux subscription and provides software maintenance services not otherwise available in the Extended Life Phase. Customers who purchase the ELS Add-On continue to receive software maintenance (critical impact security and urgent priority bug fixes) and technical support as provided in the Production 3 Phase. ELS is available for up to three years and requires that you have an existing Red Hat Enterprise Linux subscription with equivalent subscription terms and support level.
For more information on the Red Hat Enterprise Linux ELS Add-On, visit: http://www.redhat.com/products/enterprise-linux-add-ons/ extended-lifecycle-support/
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2012:0349. The text
# itself is copyright (C) Red Hat, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include("compat.inc");
if (description)
{
script_id(58194);
script_version ("$Revision: 1.8 $");
script_cvs_date("$Date: 2016/05/26 16:14:07 $");
script_xref(name:"RHSA", value:"2012:0349");
script_name(english:"RHEL 4 : redhat-release (EOL Notice) (RHSA-2012:0349)");
script_summary(english:"Checks rpm output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Red Hat Enterprise Linux 4 reaches end of Production Phase and
transitions to Extended Life Phase.
On March 01, 2012, all Red Hat Enterprise Linux 4-based products
listed below transition from the Production Phase to the Extended Life
Phase :
Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux ES 4 Red Hat
Enterprise Linux WS 4 Red Hat Desktop 4 Red Hat Global File System 4
Red Hat Cluster Suite 4
Red Hat offers support and services for each major release of Red Hat
Enterprise Linux throughout four phases - Production 1, 2, and 3,
and Extended Life Phase. For Red Hat Enterprise Linux 4, the
Production Phase spans seven years, followed by a three-year Extended
Life Phase. Together, these four phases constitute the 'life cycle'.
The specific support and services provided during each phase is
described in detail at: http://redhat.com/rhel/lifecycle
On March 01, 2012, Red Hat Enterprise Linux 4 systems continue to be
subscribed to Red Hat Enterprise Linux 4 channels on Red Hat Network
(RHN), continue to require a Red Hat Enterprise Linux entitlement, and
continue to have access to :
* Limited technical support for existing Red Hat Enterprise Linux 4
deployments (for customers with Basic, Premium, or Standard support).
* Previously released bug fixes (RHBAs), security errata (RHSAs), and
product enhancements (RHEAs) via RHN. Software maintenance (new bug
fix and security errata) are no longer provided for the Red Hat
Enterprise Linux 4 product family.
* Red Hat Knowledgebase and other content (white papers, reference
architectures, etc.) found in the Red Hat Customer Portal.
* Red Hat Enterprise Linux 4 documentation.
Please also note that new bug fix, security, or product enhancements
advisories (RHBAs, RHSAs, and RHEAs) are no longer provided for the
Red Hat Enterprise Linux 4 Add-Ons after March 01.
After March 01, you have several options. Your Red Hat subscription
gives you continuous access to all active versions of the Red Hat
software in both binary and source form, including all security
updates and bug fixes. As Red Hat Enterprise Linux 4 transitions out
of the Production Phase, we strongly recommend that you take full
advantage of your subscription services and upgrade to Red Hat
Enterprise Linux 5 or 6, which contain compelling new features and
enablement for modern hardware platforms and ISV applications.
If you must remain on Red Hat Enterprise Linux 4, we recommend that
you add the Red Hat Enterprise Linux Extended Life Cycle Support (ELS)
Add-On subscription to your current Red Hat Enterprise Linux
subscription. The ELS Add-On complements your Red Hat Enterprise Linux
subscription and provides software maintenance services not otherwise
available in the Extended Life Phase. Customers who purchase the ELS
Add-On continue to receive software maintenance (critical impact
security and urgent priority bug fixes) and technical support as
provided in the Production 3 Phase. ELS is available for up to three
years and requires that you have an existing Red Hat Enterprise Linux
subscription with equivalent subscription terms and support level.
For more information on the Red Hat Enterprise Linux ELS Add-On,
visit: http://www.redhat.com/products/enterprise-linux-add-ons/
extended-lifecycle-support/"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.redhat.com/products/enterprise-linux-add-ons/"
);
script_set_attribute(
attribute:"see_also",
value:"http://redhat.com/rhel/lifecycle"
);
script_set_attribute(
attribute:"see_also",
value:"http://rhn.redhat.com/errata/RHSA-2012-0349.html"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected redhat-release package."
);
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:redhat-release");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
script_set_attribute(attribute:"patch_publication_date", value:"2012/03/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/03/02");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
flag = 0;
if (rpm_check(release:"RHEL4", reference:"redhat-release-4AS-10.10")) flag++;
if (rpm_check(release:"RHEL4", cpu:"i386", reference:"redhat-release-4WS-10.10")) flag++;
if (rpm_check(release:"RHEL4", cpu:"i386", reference:"redhat-release-4ES-10.10")) flag++;
if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"redhat-release-4ES-10.10")) flag++;
if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"redhat-release-4WS-10.10")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"published": "2012-03-02T00:00:00", "id": "REDHAT-RHSA-2012-0349.NASL", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:40", "bulletin": {"enchantments": {}, "published": "2012-03-02T00:00:00", "id": "REDHAT-RHSA-2012-0349.NASL", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "cpe": [], "hash": "b91b31db2a623ae373c8c9b010ffae3b69ddf8f704fcbc69303fddb617740c08", "description": "Red Hat Enterprise Linux 4 reaches end of Production Phase and transitions to Extended Life Phase.\n\nOn March 01, 2012, all Red Hat Enterprise Linux 4-based products listed below transition from the Production Phase to the Extended Life Phase :\n\nRed Hat Enterprise Linux AS 4 Red Hat Enterprise Linux ES 4 Red Hat Enterprise Linux WS 4 Red Hat Desktop 4 Red Hat Global File System 4 Red Hat Cluster Suite 4\n\nRed Hat offers support and services for each major release of Red Hat Enterprise Linux throughout four phases - Production 1, 2, and 3, and Extended Life Phase. For Red Hat Enterprise Linux 4, the Production Phase spans seven years, followed by a three-year Extended Life Phase. Together, these four phases constitute the 'life cycle'.\nThe specific support and services provided during each phase is described in detail at: http://redhat.com/rhel/lifecycle\n\nOn March 01, 2012, Red Hat Enterprise Linux 4 systems continue to be subscribed to Red Hat Enterprise Linux 4 channels on Red Hat Network (RHN), continue to require a Red Hat Enterprise Linux entitlement, and continue to have access to :\n\n* Limited technical support for existing Red Hat Enterprise Linux 4 deployments (for customers with Basic, Premium, or Standard support).\n\n* Previously released bug fixes (RHBAs), security errata (RHSAs), and product enhancements (RHEAs) via RHN. Software maintenance (new bug fix and security errata) are no longer provided for the Red Hat Enterprise Linux 4 product family.\n\n* Red Hat Knowledgebase and other content (white papers, reference architectures, etc.) found in the Red Hat Customer Portal.\n\n* Red Hat Enterprise Linux 4 documentation.\n\nPlease also note that new bug fix, security, or product enhancements advisories (RHBAs, RHSAs, and RHEAs) are no longer provided for the Red Hat Enterprise Linux 4 Add-Ons after March 01.\n\nAfter March 01, you have several options. Your Red Hat subscription gives you continuous access to all active versions of the Red Hat software in both binary and source form, including all security updates and bug fixes. As Red Hat Enterprise Linux 4 transitions out of the Production Phase, we strongly recommend that you take full advantage of your subscription services and upgrade to Red Hat Enterprise Linux 5 or 6, which contain compelling new features and enablement for modern hardware platforms and ISV applications.\n\nIf you must remain on Red Hat Enterprise Linux 4, we recommend that you add the Red Hat Enterprise Linux Extended Life Cycle Support (ELS) Add-On subscription to your current Red Hat Enterprise Linux subscription. The ELS Add-On complements your Red Hat Enterprise Linux subscription and provides software maintenance services not otherwise available in the Extended Life Phase. Customers who purchase the ELS Add-On continue to receive software maintenance (critical impact security and urgent priority bug fixes) and technical support as provided in the Production 3 Phase. ELS is available for up to three years and requires that you have an existing Red Hat Enterprise Linux subscription with equivalent subscription terms and support level.\n\nFor more information on the Red Hat Enterprise Linux ELS Add-On, visit: http://www.redhat.com/products/enterprise-linux-add-ons/ extended-lifecycle-support/", "type": "nessus", "pluginID": "58194", "lastseen": "2016-09-26T17:26:40", "edition": 1, "title": "RHEL 4 : redhat-release (EOL Notice) (RHSA-2012:0349)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58194", "modified": "2016-05-26T00:00:00", "bulletinFamily": "scanner", "viewCount": 2, "cvelist": [], "references": ["http://www.redhat.com/products/enterprise-linux-add-ons/", "http://redhat.com/rhel/lifecycle", "http://rhn.redhat.com/errata/RHSA-2012-0349.html"], "naslFamily": "Red Hat Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0349. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58194);\n script_version (\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2016/05/26 16:14:07 $\");\n\n script_xref(name:\"RHSA\", value:\"2012:0349\");\n\n script_name(english:\"RHEL 4 : redhat-release (EOL Notice) (RHSA-2012:0349)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat Enterprise Linux 4 reaches end of Production Phase and\ntransitions to Extended Life Phase.\n\nOn March 01, 2012, all Red Hat Enterprise Linux 4-based products\nlisted below transition from the Production Phase to the Extended Life\nPhase :\n\nRed Hat Enterprise Linux AS 4 Red Hat Enterprise Linux ES 4 Red Hat\nEnterprise Linux WS 4 Red Hat Desktop 4 Red Hat Global File System 4\nRed Hat Cluster Suite 4\n\nRed Hat offers support and services for each major release of Red Hat\nEnterprise Linux throughout four phases - Production 1, 2, and 3,\nand Extended Life Phase. For Red Hat Enterprise Linux 4, the\nProduction Phase spans seven years, followed by a three-year Extended\nLife Phase. Together, these four phases constitute the 'life cycle'.\nThe specific support and services provided during each phase is\ndescribed in detail at: http://redhat.com/rhel/lifecycle\n\nOn March 01, 2012, Red Hat Enterprise Linux 4 systems continue to be\nsubscribed to Red Hat Enterprise Linux 4 channels on Red Hat Network\n(RHN), continue to require a Red Hat Enterprise Linux entitlement, and\ncontinue to have access to :\n\n* Limited technical support for existing Red Hat Enterprise Linux 4\ndeployments (for customers with Basic, Premium, or Standard support).\n\n* Previously released bug fixes (RHBAs), security errata (RHSAs), and\nproduct enhancements (RHEAs) via RHN. Software maintenance (new bug\nfix and security errata) are no longer provided for the Red Hat\nEnterprise Linux 4 product family.\n\n* Red Hat Knowledgebase and other content (white papers, reference\narchitectures, etc.) found in the Red Hat Customer Portal.\n\n* Red Hat Enterprise Linux 4 documentation.\n\nPlease also note that new bug fix, security, or product enhancements\nadvisories (RHBAs, RHSAs, and RHEAs) are no longer provided for the\nRed Hat Enterprise Linux 4 Add-Ons after March 01.\n\nAfter March 01, you have several options. Your Red Hat subscription\ngives you continuous access to all active versions of the Red Hat\nsoftware in both binary and source form, including all security\nupdates and bug fixes. As Red Hat Enterprise Linux 4 transitions out\nof the Production Phase, we strongly recommend that you take full\nadvantage of your subscription services and upgrade to Red Hat\nEnterprise Linux 5 or 6, which contain compelling new features and\nenablement for modern hardware platforms and ISV applications.\n\nIf you must remain on Red Hat Enterprise Linux 4, we recommend that\nyou add the Red Hat Enterprise Linux Extended Life Cycle Support (ELS)\nAdd-On subscription to your current Red Hat Enterprise Linux\nsubscription. The ELS Add-On complements your Red Hat Enterprise Linux\nsubscription and provides software maintenance services not otherwise\navailable in the Extended Life Phase. Customers who purchase the ELS\nAdd-On continue to receive software maintenance (critical impact\nsecurity and urgent priority bug fixes) and technical support as\nprovided in the Production 3 Phase. ELS is available for up to three\nyears and requires that you have an existing Red Hat Enterprise Linux\nsubscription with equivalent subscription terms and support level.\n\nFor more information on the Red Hat Enterprise Linux ELS Add-On,\nvisit: http://www.redhat.com/products/enterprise-linux-add-ons/\nextended-lifecycle-support/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.redhat.com/products/enterprise-linux-add-ons/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://redhat.com/rhel/lifecycle\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2012-0349.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected redhat-release package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-release\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", reference:\"redhat-release-4AS-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"redhat-release-4WS-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"redhat-release-4ES-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"redhat-release-4ES-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"redhat-release-4WS-10.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "51aa3ca1d7fe154284dd30fe6ba69341", "key": "pluginID"}, {"hash": "fb24155a690eb9e66956d88cf301d33a", "key": "published"}, {"hash": "e3894c38e4946d267390890dcf2755d8", "key": "title"}, {"hash": "6b29a192a1eb45d87374d0411ad5b8b3", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "89d2dea949d89358ab2196e657ea5f6d", "key": "href"}, {"hash": "c8571003312c639b09f705116ae1cd1a", "key": "sourceData"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "08d1a42fce478b38da27a967591bcfc4", "key": "description"}, {"hash": "990ef025bed13c694a12ba5936c1dffc", "key": "references"}], "objectVersion": "1.2"}}], "description": "Red Hat Enterprise Linux 4 reaches end of Production Phase and transitions to Extended Life Phase.\n\nOn March 01, 2012, all Red Hat Enterprise Linux 4-based products listed below transition from the Production Phase to the Extended Life Phase :\n\nRed Hat Enterprise Linux AS 4 Red Hat Enterprise Linux ES 4 Red Hat Enterprise Linux WS 4 Red Hat Desktop 4 Red Hat Global File System 4 Red Hat Cluster Suite 4\n\nRed Hat offers support and services for each major release of Red Hat Enterprise Linux throughout four phases - Production 1, 2, and 3, and Extended Life Phase. For Red Hat Enterprise Linux 4, the Production Phase spans seven years, followed by a three-year Extended Life Phase. Together, these four phases constitute the 'life cycle'.\nThe specific support and services provided during each phase is described in detail at: http://redhat.com/rhel/lifecycle\n\nOn March 01, 2012, Red Hat Enterprise Linux 4 systems continue to be subscribed to Red Hat Enterprise Linux 4 channels on Red Hat Network (RHN), continue to require a Red Hat Enterprise Linux entitlement, and continue to have access to :\n\n* Limited technical support for existing Red Hat Enterprise Linux 4 deployments (for customers with Basic, Premium, or Standard support).\n\n* Previously released bug fixes (RHBAs), security errata (RHSAs), and product enhancements (RHEAs) via RHN. Software maintenance (new bug fix and security errata) are no longer provided for the Red Hat Enterprise Linux 4 product family.\n\n* Red Hat Knowledgebase and other content (white papers, reference architectures, etc.) found in the Red Hat Customer Portal.\n\n* Red Hat Enterprise Linux 4 documentation.\n\nPlease also note that new bug fix, security, or product enhancements advisories (RHBAs, RHSAs, and RHEAs) are no longer provided for the Red Hat Enterprise Linux 4 Add-Ons after March 01.\n\nAfter March 01, you have several options. Your Red Hat subscription gives you continuous access to all active versions of the Red Hat software in both binary and source form, including all security updates and bug fixes. As Red Hat Enterprise Linux 4 transitions out of the Production Phase, we strongly recommend that you take full advantage of your subscription services and upgrade to Red Hat Enterprise Linux 5 or 6, which contain compelling new features and enablement for modern hardware platforms and ISV applications.\n\nIf you must remain on Red Hat Enterprise Linux 4, we recommend that you add the Red Hat Enterprise Linux Extended Life Cycle Support (ELS) Add-On subscription to your current Red Hat Enterprise Linux subscription. The ELS Add-On complements your Red Hat Enterprise Linux subscription and provides software maintenance services not otherwise available in the Extended Life Phase. Customers who purchase the ELS Add-On continue to receive software maintenance (critical impact security and urgent priority bug fixes) and technical support as provided in the Production 3 Phase. ELS is available for up to three years and requires that you have an existing Red Hat Enterprise Linux subscription with equivalent subscription terms and support level.\n\nFor more information on the Red Hat Enterprise Linux ELS Add-On, visit: http://www.redhat.com/products/enterprise-linux-add-ons/ extended-lifecycle-support/", "hash": "399ddff4e634823ee50618763e6db5128fbe3485895ea7e854f39ab5dd81a867", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "type": "nessus", "pluginID": "58194", "lastseen": "2017-10-29T13:45:41", "edition": 2, "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:redhat-release"], "title": "RHEL 4 : redhat-release (EOL Notice) (RHSA-2012:0349)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58194", "modified": "2016-05-26T00:00:00", "bulletinFamily": "scanner", "viewCount": 2, "cvelist": [], "references": ["http://www.redhat.com/products/enterprise-linux-add-ons/", "http://redhat.com/rhel/lifecycle", "http://rhn.redhat.com/errata/RHSA-2012-0349.html"], "naslFamily": "Red Hat Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0349. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58194);\n script_version (\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2016/05/26 16:14:07 $\");\n\n script_xref(name:\"RHSA\", value:\"2012:0349\");\n\n script_name(english:\"RHEL 4 : redhat-release (EOL Notice) (RHSA-2012:0349)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat Enterprise Linux 4 reaches end of Production Phase and\ntransitions to Extended Life Phase.\n\nOn March 01, 2012, all Red Hat Enterprise Linux 4-based products\nlisted below transition from the Production Phase to the Extended Life\nPhase :\n\nRed Hat Enterprise Linux AS 4 Red Hat Enterprise Linux ES 4 Red Hat\nEnterprise Linux WS 4 Red Hat Desktop 4 Red Hat Global File System 4\nRed Hat Cluster Suite 4\n\nRed Hat offers support and services for each major release of Red Hat\nEnterprise Linux throughout four phases - Production 1, 2, and 3,\nand Extended Life Phase. For Red Hat Enterprise Linux 4, the\nProduction Phase spans seven years, followed by a three-year Extended\nLife Phase. Together, these four phases constitute the 'life cycle'.\nThe specific support and services provided during each phase is\ndescribed in detail at: http://redhat.com/rhel/lifecycle\n\nOn March 01, 2012, Red Hat Enterprise Linux 4 systems continue to be\nsubscribed to Red Hat Enterprise Linux 4 channels on Red Hat Network\n(RHN), continue to require a Red Hat Enterprise Linux entitlement, and\ncontinue to have access to :\n\n* Limited technical support for existing Red Hat Enterprise Linux 4\ndeployments (for customers with Basic, Premium, or Standard support).\n\n* Previously released bug fixes (RHBAs), security errata (RHSAs), and\nproduct enhancements (RHEAs) via RHN. Software maintenance (new bug\nfix and security errata) are no longer provided for the Red Hat\nEnterprise Linux 4 product family.\n\n* Red Hat Knowledgebase and other content (white papers, reference\narchitectures, etc.) found in the Red Hat Customer Portal.\n\n* Red Hat Enterprise Linux 4 documentation.\n\nPlease also note that new bug fix, security, or product enhancements\nadvisories (RHBAs, RHSAs, and RHEAs) are no longer provided for the\nRed Hat Enterprise Linux 4 Add-Ons after March 01.\n\nAfter March 01, you have several options. Your Red Hat subscription\ngives you continuous access to all active versions of the Red Hat\nsoftware in both binary and source form, including all security\nupdates and bug fixes. As Red Hat Enterprise Linux 4 transitions out\nof the Production Phase, we strongly recommend that you take full\nadvantage of your subscription services and upgrade to Red Hat\nEnterprise Linux 5 or 6, which contain compelling new features and\nenablement for modern hardware platforms and ISV applications.\n\nIf you must remain on Red Hat Enterprise Linux 4, we recommend that\nyou add the Red Hat Enterprise Linux Extended Life Cycle Support (ELS)\nAdd-On subscription to your current Red Hat Enterprise Linux\nsubscription. The ELS Add-On complements your Red Hat Enterprise Linux\nsubscription and provides software maintenance services not otherwise\navailable in the Extended Life Phase. Customers who purchase the ELS\nAdd-On continue to receive software maintenance (critical impact\nsecurity and urgent priority bug fixes) and technical support as\nprovided in the Production 3 Phase. ELS is available for up to three\nyears and requires that you have an existing Red Hat Enterprise Linux\nsubscription with equivalent subscription terms and support level.\n\nFor more information on the Red Hat Enterprise Linux ELS Add-On,\nvisit: http://www.redhat.com/products/enterprise-linux-add-ons/\nextended-lifecycle-support/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.redhat.com/products/enterprise-linux-add-ons/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://redhat.com/rhel/lifecycle\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2012-0349.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected redhat-release package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-release\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", reference:\"redhat-release-4AS-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"redhat-release-4WS-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"redhat-release-4ES-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"redhat-release-4ES-10.10\")) flag++;\nif (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"redhat-release-4WS-10.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be9515b3187502c433acf2f8162e83ca", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "08d1a42fce478b38da27a967591bcfc4", "key": "description"}, {"hash": "89d2dea949d89358ab2196e657ea5f6d", "key": "href"}, {"hash": "6b29a192a1eb45d87374d0411ad5b8b3", "key": "modified"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "51aa3ca1d7fe154284dd30fe6ba69341", "key": "pluginID"}, {"hash": "fb24155a690eb9e66956d88cf301d33a", "key": "published"}, {"hash": "990ef025bed13c694a12ba5936c1dffc", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "c8571003312c639b09f705116ae1cd1a", "key": "sourceData"}, {"hash": "e3894c38e4946d267390890dcf2755d8", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}
{"nessus": [{"lastseen": "2018-09-02T00:10:29", "references": ["https://oss.oracle.com/pipermail/el-errata/2013-April/003431.html"], "pluginID": "68807", "description": "From Red Hat Security Advisory 2013:0744 :\n\nUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSecurity :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the 'utf8=1' option could use this flaw to crash the system or, potentially, to escalate their privileges.\n(CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level. (CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled guest time updates when the GPA (guest physical address) the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a movable or removable memory region of the hosting user-space process (by default, QEMU-KVM) on the host. If that memory region is deregistered from KVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a privileged guest user could potentially use this flaw to escalate their privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced Programmable Interrupt Controller). A missing validation check in the ioapic_read_indirect() function could allow a privileged guest user to crash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL pointer dereference, was found in the key management facility. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control Protocol (DCCP) implementation could allow a local user to cause a denial of service. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM) subsystem could allow a local, unprivileged user to leak kernel stack memory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user able to mount and unmount a tmpfs file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB Inside Out Edgeport Serial Driver implementation. An attacker with physical access to a system could use this flaw to cause a denial of service. (CVE-2013-1774, Low)\n\nRed Hat would like to thank Andrew Honig of Google for reporting CVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was discovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.", "edition": 5, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2013-0744)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6546", "CVE-2013-1797", "CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2013-1773", "CVE-2013-0913", "CVE-2012-6538", "CVE-2013-1796", "CVE-2013-1798"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2013-0744.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68807", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0744 and \n# Oracle Linux Security Advisory ELSA-2013-0744 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68807);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2012-6537\", \"CVE-2012-6538\", \"CVE-2012-6546\", \"CVE-2012-6547\", \"CVE-2013-0349\", \"CVE-2013-0913\", \"CVE-2013-1767\", \"CVE-2013-1773\", \"CVE-2013-1774\", \"CVE-2013-1792\", \"CVE-2013-1796\", \"CVE-2013-1797\", \"CVE-2013-1798\", \"CVE-2013-1826\", \"CVE-2013-1827\");\n script_bugtraq_id(58112, 58177, 58200, 58202, 58368, 58381, 58383, 58427, 58604, 58605, 58607, 58977, 58992, 58996);\n script_xref(name:\"RHSA\", value:\"2013:0744\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2013-0744)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0744 :\n\nUpdated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSecurity :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in the way the Intel i915 driver in the Linux kernel handled\nthe allocation of the buffer used for relocation copies. A local user\nwith console access could use this flaw to cause a denial of service\nor escalate their privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were\nconverted to UTF-16 in the utf8s_to_utf16s() function of the Linux\nkernel's FAT file system implementation. A local user able to mount a\nFAT file system with the 'utf8=1' option could use this flaw to crash\nthe system or, potentially, to escalate their privileges.\n(CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the\nbuffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME\nmachine state register (MSR) crossed a page boundary. A privileged\nguest user could use this flaw to crash the host or, potentially,\nescalate their privileges, allowing them to execute arbitrary code at\nthe host kernel level. (CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled\nguest time updates when the GPA (guest physical address) the guest\nregistered by writing to the MSR_KVM_SYSTEM_TIME machine state\nregister (MSR) fell into a movable or removable memory region of the\nhosting user-space process (by default, QEMU-KVM) on the host. If that\nmemory region is deregistered from KVM using\nKVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a\nprivileged guest user could potentially use this flaw to escalate\ntheir privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced\nProgrammable Interrupt Controller). A missing validation check in the\nioapic_read_indirect() function could allow a privileged guest user to\ncrash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL\npointer dereference, was found in the key management facility. A\nlocal, unprivileged user could use this flaw to cause a denial of\nservice. (CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a\nlocal user who has the CAP_NET_ADMIN capability to cause a denial of\nservice. (CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control\nProtocol (DCCP) implementation could allow a local user to cause a\ndenial of service. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a\nlocal user who has the CAP_NET_ADMIN capability to leak kernel stack\nmemory to user-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM)\nsubsystem could allow a local, unprivileged user to leak kernel stack\nmemory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the\nnetworking implementation. A local user with access to a TUN/TAP\nvirtual interface could use this flaw to leak kernel stack memory to\nuser-space. (CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a\nlocal user who has the CAP_NET_ADMIN capability to leak kernel stack\nmemory to user-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local\nuser able to mount and unmount a tmpfs file system could use this flaw\nto cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB\nInside Out Edgeport Serial Driver implementation. An attacker with\nphysical access to a system could use this flaw to cause a denial of\nservice. (CVE-2013-1774, Low)\n\nRed Hat would like to thank Andrew Honig of Google for reporting\nCVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was\ndiscovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-April/003431.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-358.6.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-358.6.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T17:11:13", "references": ["https://access.redhat.com/security/cve/cve-2012-6537", "https://access.redhat.com/errata/RHSA-2013:0744", "https://access.redhat.com/security/cve/cve-2013-0913", "https://access.redhat.com/security/cve/cve-2012-6546", "https://access.redhat.com/security/cve/cve-2013-1774", "https://access.redhat.com/security/cve/cve-2013-1827", "https://access.redhat.com/security/cve/cve-2013-1767", "https://access.redhat.com/security/cve/cve-2013-1826", "https://access.redhat.com/security/cve/cve-2013-0349", "https://access.redhat.com/security/cve/cve-2013-1798", "https://access.redhat.com/security/cve/cve-2013-1773", "https://access.redhat.com/security/cve/cve-2013-1796", "https://access.redhat.com/security/cve/cve-2012-6547", "https://access.redhat.com/security/cve/cve-2012-6538", "https://access.redhat.com/security/cve/cve-2013-1792", "http://www.nessus.org/u?c6b506c4", "https://access.redhat.com/security/cve/cve-2013-1797"], "pluginID": "66192", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSecurity :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the 'utf8=1' option could use this flaw to crash the system or, potentially, to escalate their privileges.\n(CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level. (CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled guest time updates when the GPA (guest physical address) the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a movable or removable memory region of the hosting user-space process (by default, QEMU-KVM) on the host. If that memory region is deregistered from KVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a privileged guest user could potentially use this flaw to escalate their privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced Programmable Interrupt Controller). A missing validation check in the ioapic_read_indirect() function could allow a privileged guest user to crash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL pointer dereference, was found in the key management facility. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to cause a denial of service. (CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control Protocol (DCCP) implementation could allow a local user to cause a denial of service. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM) subsystem could allow a local, unprivileged user to leak kernel stack memory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local user able to mount and unmount a tmpfs file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB Inside Out Edgeport Serial Driver implementation. An attacker with physical access to a system could use this flaw to cause a denial of service. (CVE-2013-1774, Low)\n\nRed Hat would like to thank Andrew Honig of Google for reporting CVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was discovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.", "edition": 8, "reporter": "Tenable", "published": "2013-04-24T00:00:00", "title": "RHEL 6 : kernel (RHSA-2013:0744)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6546", "CVE-2013-1797", "CVE-2013-1767", "CVE-2012-6537", "CVE-2013-1827", "CVE-2013-1792", "CVE-2013-1826", "CVE-2013-0349", "CVE-2013-1774", "CVE-2012-6547", "CVE-2013-1773", "CVE-2013-0913", "CVE-2012-6538", "CVE-2013-1796", "CVE-2013-1798"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "cpe:/o:redhat:enterprise_linux:6.4", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2013-0744.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66192", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0744. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66192);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/11/10 11:49:52\");\n\n script_cve_id(\"CVE-2012-6537\", \"CVE-2012-6538\", \"CVE-2012-6546\", \"CVE-2012-6547\", \"CVE-2013-0349\", \"CVE-2013-0913\", \"CVE-2013-1767\", \"CVE-2013-1773\", \"CVE-2013-1774\", \"CVE-2013-1792\", \"CVE-2013-1796\", \"CVE-2013-1797\", \"CVE-2013-1798\", \"CVE-2013-1826\", \"CVE-2013-1827\");\n script_bugtraq_id(58112, 58177, 58200, 58202, 58368, 58381, 58383, 58427, 58604, 58605, 58607, 58977, 58992, 58996);\n script_xref(name:\"RHSA\", value:\"2013:0744\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2013:0744)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSecurity :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in the way the Intel i915 driver in the Linux kernel handled\nthe allocation of the buffer used for relocation copies. A local user\nwith console access could use this flaw to cause a denial of service\nor escalate their privileges. (CVE-2013-0913, Important)\n\n* A buffer overflow flaw was found in the way UTF-8 characters were\nconverted to UTF-16 in the utf8s_to_utf16s() function of the Linux\nkernel's FAT file system implementation. A local user able to mount a\nFAT file system with the 'utf8=1' option could use this flaw to crash\nthe system or, potentially, to escalate their privileges.\n(CVE-2013-1773, Important)\n\n* A flaw was found in the way KVM handled guest time updates when the\nbuffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME\nmachine state register (MSR) crossed a page boundary. A privileged\nguest user could use this flaw to crash the host or, potentially,\nescalate their privileges, allowing them to execute arbitrary code at\nthe host kernel level. (CVE-2013-1796, Important)\n\n* A potential use-after-free flaw was found in the way KVM handled\nguest time updates when the GPA (guest physical address) the guest\nregistered by writing to the MSR_KVM_SYSTEM_TIME machine state\nregister (MSR) fell into a movable or removable memory region of the\nhosting user-space process (by default, QEMU-KVM) on the host. If that\nmemory region is deregistered from KVM using\nKVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a\nprivileged guest user could potentially use this flaw to escalate\ntheir privileges on the host. (CVE-2013-1797, Important)\n\n* A flaw was found in the way KVM emulated IOAPIC (I/O Advanced\nProgrammable Interrupt Controller). A missing validation check in the\nioapic_read_indirect() function could allow a privileged guest user to\ncrash the host, or read a substantial portion of host kernel memory.\n(CVE-2013-1798, Important)\n\n* A race condition in install_user_keyrings(), leading to a NULL\npointer dereference, was found in the key management facility. A\nlocal, unprivileged user could use this flaw to cause a denial of\nservice. (CVE-2013-1792, Moderate)\n\n* A NULL pointer dereference in the XFRM implementation could allow a\nlocal user who has the CAP_NET_ADMIN capability to cause a denial of\nservice. (CVE-2013-1826, Moderate)\n\n* A NULL pointer dereference in the Datagram Congestion Control\nProtocol (DCCP) implementation could allow a local user to cause a\ndenial of service. (CVE-2013-1827, Moderate)\n\n* Information leak flaws in the XFRM implementation could allow a\nlocal user who has the CAP_NET_ADMIN capability to leak kernel stack\nmemory to user-space. (CVE-2012-6537, Low)\n\n* Two information leak flaws in the Asynchronous Transfer Mode (ATM)\nsubsystem could allow a local, unprivileged user to leak kernel stack\nmemory to user-space. (CVE-2012-6546, Low)\n\n* An information leak was found in the TUN/TAP device driver in the\nnetworking implementation. A local user with access to a TUN/TAP\nvirtual interface could use this flaw to leak kernel stack memory to\nuser-space. (CVE-2012-6547, Low)\n\n* An information leak in the Bluetooth implementation could allow a\nlocal user who has the CAP_NET_ADMIN capability to leak kernel stack\nmemory to user-space. (CVE-2013-0349, Low)\n\n* A use-after-free flaw was found in the tmpfs implementation. A local\nuser able to mount and unmount a tmpfs file system could use this flaw\nto cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2013-1767, Low)\n\n* A NULL pointer dereference was found in the Linux kernel's USB\nInside Out Edgeport Serial Driver implementation. An attacker with\nphysical access to a system could use this flaw to cause a denial of\nservice. (CVE-2013-1774, Low)\n\nRed Hat would like to thank Andrew Honig of Google for reporting\nCVE-2013-1796, CVE-2013-1797, and CVE-2013-1798. CVE-2013-1792 was\ndiscovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6537\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6538\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0744\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.6.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
