Scientific Linux Security Update : kernel on SL4.x i386/x86_64

2012-08-01T00:00:00

Description

This update addresses the following security - the sendmsg() function in the Linux kernel did not block (CVE-2008-5300, Important) - when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make (CVE-2008-5029, Important) - a deficiency was found in the Linux kernel virtual file - a buffer underflow flaw was found in the Linux kernel - the hfs and hfsplus file systems code failed to properly (CVE-2008-4933, CVE-2008-5025, Low) - a flaw was found in the hfsplus file system (CVE-2008-4934, Low) This update also fixes the following bugs : - when running Red Hat Enterprise Linux 4.6 and 4.7 on - mmap() could be used to gain access to beyond the first - attempting to turn keyboard LEDs on and off rapidly on - after migrating a hypervisor guest, the MAC address - writing crash dumps with diskdump may have caused a - on big-endian systems, such as PowerPC, the getsockopt() - a problem in the kernel packages provided by the - a divide-by-zero bug in the Linux kernel process - the netconsole kernel module caused the Linux kernel to - the '/proc/xen/' directory existed even if systems were This updated kernel-utils package adds an enhancement issues : during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. indirect recursive calls to itself. This could, potentially, lead to a local denial of service. system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate) IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low) handle corrupted data structures. This could, potentially, lead to a local denial of service. implementation. This could, potentially, lead to a local denial of service when write operations were performed. some systems running Intel® CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use. megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this. keyboards with slow keyboard controllers, may have caused key presses to fail. table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime. kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations. function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes. RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes. scheduler, which may have caused kernel panics on certain systems, has been resolved. hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network. not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization. in the way of proper support for user-space frequency-scaling on multi-core systems.

{"id": "SL_20090114_KERNEL_ON_SL4_X.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "description": "This update addresses the following security issues :\n\n - the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n (CVE-2008-5029, Important)\n\n - a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n - a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n - the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service.\n (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed.\n (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n - when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel® CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n - mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n - attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n - after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n - writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n - on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n - a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n - a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n - the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n - the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nThis updated kernel-utils package adds an enhancement in the way of proper support for user-space frequency-scaling on multi-core systems.", "published": "2012-08-01T00:00:00", "modified": "2021-01-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/60520", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5025", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3275", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5702", "http://www.nessus.org/u?630aef0c", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4934", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4933"], "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "immutableFields": [], "lastseen": "2023-05-18T14:25:09", "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0885", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0014", "CESA-2009:1550"]}, {"type": "cve", "idList": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1630-1:8E4BC", "DEBIAN:DSA-1636-1:2F315", "DEBIAN:DSA-1681-1:67CE4", "DEBIAN:DSA-1687-1:1BA38", "DEBIAN:DSA-1787-1:1654D", "DEBIAN:DSA-1794-1:CF19C"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7", "FEDORA:BB6D9208DB1"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0885.NASL", "CENTOS_RHSA-2008-0973.NASL", "CENTOS_RHSA-2009-0014.NASL", "CENTOS_RHSA-2009-1550.NASL", "DEBIAN_DSA-1630.NASL", "DEBIAN_DSA-1636.NASL", "DEBIAN_DSA-1681.NASL", "DEBIAN_DSA-1687.NASL", "DEBIAN_DSA-1787.NASL", "DEBIAN_DSA-1794.NASL", "FEDORA_2008-11593.NASL", "FEDORA_2008-11618.NASL", "MANDRIVA_MDVSA-2008-234.NASL", "MANDRIVA_MDVSA-2008-246.NASL", "MANDRIVA_MDVSA-2009-032.NASL", "ORACLELINUX_ELSA-2008-0885.NASL", "ORACLELINUX_ELSA-2008-0973.NASL", "ORACLELINUX_ELSA-2009-0014.NASL", "ORACLELINUX_ELSA-2009-0264.NASL", "ORACLELINUX_ELSA-2009-1550.NASL", "ORACLEVM_OVMSA-2008-2006.NASL", "REDHAT-RHSA-2008-0885.NASL", "REDHAT-RHSA-2008-0973.NASL", "REDHAT-RHSA-2009-0001.NASL", "REDHAT-RHSA-2009-0014.NASL", "REDHAT-RHSA-2009-0021.NASL", "REDHAT-RHSA-2009-0225.NASL", "REDHAT-RHSA-2009-0264.NASL", "REDHAT-RHSA-2009-1550.NASL", "SL_20080924_KERNEL_ON_SL5_X.NASL", "SL_20081216_KERNEL_ON_SL3_X.NASL", "SL_20090210_KERNEL_ON_SL5_X.NASL", "SL_20091103_KERNEL_ON_SL3_X.NASL", "SUSE9_12636.NASL", "SUSE_11_0_KERNEL-080822.NASL", "SUSE_11_0_KERNEL-090114.NASL", "SUSE_KERNEL-5565.NASL", "SUSE_KERNEL-5566.NASL", "SUSE_KERNEL-5605.NASL", "SUSE_KERNEL-5608.NASL", "SUSE_KERNEL-5920.NASL", "SUSE_KERNEL-5924.NASL", "SUSE_KERNEL-5927.NASL", "SUSE_KERNEL-6274.NASL", "UBUNTU_USN-637-1.NASL", "UBUNTU_USN-679-1.NASL", "UBUNTU_USN-714-1.NASL", "UBUNTU_USN-715-1.NASL", "VMWARE_VMSA-2009-0014.NASL", "VMWARE_VMSA-2009-0014_REMOTE.NASL", "VMWARE_VMSA-2010-0010.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122516", "OPENVAS:1361412562310122525", "OPENVAS:1361412562310122555", "OPENVAS:136141256231063097", "OPENVAS:136141256231063132", "OPENVAS:136141256231063191", "OPENVAS:136141256231063224", "OPENVAS:136141256231063245", "OPENVAS:136141256231063249", "OPENVAS:136141256231063250", "OPENVAS:136141256231063273", "OPENVAS:136141256231063285", "OPENVAS:136141256231063317", "OPENVAS:136141256231063344", "OPENVAS:136141256231063367", "OPENVAS:136141256231063433", "OPENVAS:136141256231063467", "OPENVAS:136141256231063939", "OPENVAS:136141256231063959", "OPENVAS:136141256231064187", "OPENVAS:136141256231065259", "OPENVAS:136141256231065887", "OPENVAS:136141256231065920", "OPENVAS:136141256231066178", "OPENVAS:136141256231066217", "OPENVAS:1361412562310830503", "OPENVAS:1361412562310830770", "OPENVAS:1361412562310850140", "OPENVAS:1361412562310870022", "OPENVAS:1361412562310870087", "OPENVAS:1361412562310880079", "OPENVAS:1361412562310880082", "OPENVAS:1361412562310880838", "OPENVAS:1361412562310880928", "OPENVAS:1361412562310880937", "OPENVAS:61436", "OPENVAS:61594", "OPENVAS:62843", "OPENVAS:62957", "OPENVAS:63097", "OPENVAS:63132", "OPENVAS:63191", "OPENVAS:63224", "OPENVAS:63245", "OPENVAS:63249", "OPENVAS:63250", "OPENVAS:63273", "OPENVAS:63285", "OPENVAS:63309", "OPENVAS:63317", "OPENVAS:63344", "OPENVAS:63367", "OPENVAS:63433", "OPENVAS:63467", "OPENVAS:63939", "OPENVAS:63959", "OPENVAS:64164", "OPENVAS:64187", "OPENVAS:65259", "OPENVAS:65887", "OPENVAS:65920", "OPENVAS:66178", "OPENVAS:66217", "OPENVAS:830503", "OPENVAS:830770", "OPENVAS:840288", "OPENVAS:840325", "OPENVAS:850019", "OPENVAS:850037", "OPENVAS:850140", "OPENVAS:860465", "OPENVAS:860598", "OPENVAS:870022", "OPENVAS:870087", "OPENVAS:880079", "OPENVAS:880082", "OPENVAS:880838", "OPENVAS:880928", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0885", "ELSA-2008-0973", "ELSA-2009-0014", "ELSA-2009-0225", "ELSA-2009-0264", "ELSA-2009-1243", "ELSA-2009-1550"]}, {"type": "osv", "idList": ["OSV:DSA-1630-1", "OSV:DSA-1636-1", "OSV:DSA-1681-1", "OSV:DSA-1687-1", "OSV:DSA-1787-1", "OSV:DSA-1794-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0787", "RHSA-2008:0857", "RHSA-2008:0885", "RHSA-2008:0973", "RHSA-2009:0001", "RHSA-2009:0009", "RHSA-2009:0014", "RHSA-2009:0021", "RHSA-2009:0053", "RHSA-2009:0225", "RHSA-2009:0264", "RHSA-2009:1550"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20387", "SECURITYVULNS:DOC:20515", "SECURITYVULNS:DOC:20907", "SECURITYVULNS:DOC:21097", "SECURITYVULNS:DOC:21767", "SECURITYVULNS:VULN:9235", "SECURITYVULNS:VULN:9285", "SECURITYVULNS:VULN:9453", "SECURITYVULNS:VULN:9488", "SECURITYVULNS:VULN:9555", "SECURITYVULNS:VULN:9633"]}, {"type": "seebug", "idList": ["SSV:4139", "SSV:4428", "SSV:4459", "SSV:4610"]}, {"type": "suse", "idList": ["SUSE-SA:2008:044", "SUSE-SA:2008:048", "SUSE-SA:2008:049", "SUSE-SA:2008:057", "SUSE-SA:2009:003", "SUSE-SA:2009:004", "SUSE-SA:2009:008", "SUSE-SA:2009:010", "SUSE-SA:2009:030", "SUSE-SA:2010:036"]}, {"type": "ubuntu", "idList": ["USN-637-1", "USN-679-1", "USN-714-1", "USN-715-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-3275", "UB:CVE-2008-4933", "UB:CVE-2008-4934", "UB:CVE-2008-5025", "UB:CVE-2008-5029", "UB:CVE-2008-5300", "UB:CVE-2008-5702"]}, {"type": "veracode", "idList": ["VERACODE:23414", "VERACODE:23512", "VERACODE:23524", "VERACODE:23571", "VERACODE:23572", "VERACODE:23573"]}, {"type": "vmware", "idList": ["VMSA-2009-0014", "VMSA-2009-0014.3", "VMSA-2010-0010"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0885", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0014", "CESA-2009:1550"]}, {"type": "cve", "idList": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1630-1:8E4BC"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2008-5300/"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1681.NASL", "DEBIAN_DSA-1794.NASL", "SUSE_KERNEL-5924.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063132", "OPENVAS:136141256231063317", "OPENVAS:136141256231065259", "OPENVAS:136141256231066178", "OPENVAS:1361412562310880838", "OPENVAS:64164", "OPENVAS:830770", "OPENVAS:850019"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0885", "ELSA-2008-0973", "ELSA-2009-0014", "ELSA-2009-0225", "ELSA-2009-0264", "ELSA-2009-1550"]}, {"type": "redhat", "idList": ["RHSA-2008:0508", "RHSA-2008:0787", "RHSA-2008:0885", "RHSA-2008:0973", "RHSA-2009:0014", "RHSA-2009:0264"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20907"]}, {"type": "seebug", "idList": ["SSV:4428"]}, {"type": "suse", "idList": ["SUSE-SA:2009:003", "SUSE-SA:2009:030"]}, {"type": "ubuntu", "idList": ["USN-714-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-5025"]}, {"type": "vmware", "idList": ["VMSA-2010-0010"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-3275", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-4933", "epss": 0.00256, "percentile": 0.61952, "modified": "2023-05-07"}, {"cve": "CVE-2008-4934", "epss": 0.00231, "percentile": 0.59734, "modified": "2023-05-07"}, {"cve": "CVE-2008-5025", "epss": 0.00251, "percentile": 0.61539, "modified": "2023-05-07"}, {"cve": "CVE-2008-5029", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-5300", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-5702", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}], "vulnersScore": 0.0}, "_state": {"dependencies": 1684423147, "score": 1684420145, "epss": 0}, "_internal": {"score_hash": "00efea90037042587da827215ecb7e5a"}, "pluginID": "60520", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60520);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - the sendmsg() function in the Linux kernel did not block\n during UNIX socket garbage collection. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5029, Important)\n\n - a deficiency was found in the Linux kernel virtual file\n system (VFS) implementation. This could allow a local,\n unprivileged user to make a series of file creations\n within deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\n - a buffer underflow flaw was found in the Linux kernel\n IB700 SBC watchdog timer driver. This deficiency could\n lead to a possible information leak. By default, the\n '/dev/watchdog' device is accessible only to the root\n user. (CVE-2008-5702, Low)\n\n - the hfs and hfsplus file systems code failed to properly\n handle corrupted data structures. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the hfsplus file system\n implementation. This could, potentially, lead to a local\n denial of service when write operations were performed.\n (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n - when running Red Hat Enterprise Linux 4.6 and 4.7 on\n some systems running Intel® CPUs, the cpuspeed\n daemon did not run, preventing the CPU speed from being\n changed, such as not being reduced to an idle state when\n not in use.\n\n - mmap() could be used to gain access to beyond the first\n megabyte of RAM, due to insufficient checks in the Linux\n kernel code. Checks have been added to prevent this.\n\n - attempting to turn keyboard LEDs on and off rapidly on\n keyboards with slow keyboard controllers, may have\n caused key presses to fail.\n\n - after migrating a hypervisor guest, the MAC address\n table was not updated, causing packet loss and\n preventing network connections to the guest. Now, a\n gratuitous ARP request is sent after migration. This\n refreshes the ARP caches, minimizing network downtime.\n\n - writing crash dumps with diskdump may have caused a\n kernel panic on Non-Uniform Memory Access (NUMA) systems\n with certain memory configurations.\n\n - on big-endian systems, such as PowerPC, the getsockopt()\n function incorrectly returned 0 depending on the\n parameters passed to it when the time to live (TTL)\n value equaled 255, possibly causing memory corruption\n and application crashes.\n\n - a problem in the kernel packages provided by the\n RHSA-2008:0508 advisory caused the Linux kernel's\n built-in memory copy procedure to return the wrong error\n code after recovering from a page fault on AMD64 and\n Intel 64 systems. This may have caused other Linux\n kernel functions to return wrong error codes.\n\n - a divide-by-zero bug in the Linux kernel process\n scheduler, which may have caused kernel panics on\n certain systems, has been resolved.\n\n - the netconsole kernel module caused the Linux kernel to\n hang when slave interfaces of bonded network interfaces\n were started, resulting in a system hang or kernel panic\n when restarting the network.\n\n - the '/proc/xen/' directory existed even if systems were\n not running Red Hat Virtualization. This may have caused\n problems for third-party software that checks\n virtualization-ability based on the existence of\n '/proc/xen/'. Note: this update will remove the\n '/proc/xen/' directory on systems not running Red Hat\n Virtualization.\n\nThis updated kernel-utils package adds an enhancement in the way of\nproper support for user-space frequency-scaling on multi-core systems.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0901&L=scientific-linux-errata&T=0&P=1314\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?630aef0c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-utils-2.4-14.1.117.2.1\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Scientific Linux Local Security Checks", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 7.8, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2009-01-14T00:00:00", "vulnerabilityPublicationDate": "2008-08-12T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-05-17T15:44:30", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/43727", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0014 and \n# CentOS Errata and Security Advisory 2009:0014 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43727);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015556.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9713ddeb\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015557.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84bc83a7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:38:57", "description": "From Red Hat Security Advisory 2009:0014 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/67790", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0014 and \n# Oracle Linux Security Advisory ELSA-2009-0014 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67790);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-0014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0014 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000864.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0014\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:19", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to make a series of file creations within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog timer driver. This deficiency could lead to a possible information leak. By default, the '/dev/watchdog' device is accessible only to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This could, potentially, lead to a local denial of service when write operations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running Intel(r) CPUs, the cpuspeed daemon did not run, preventing the CPU speed from being changed, such as not being reduced to an idle state when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of RAM, due to insufficient checks in the Linux kernel code. Checks have been added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards with slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not updated, causing packet loss and preventing network connections to the guest. Now, a gratuitous ARP request is sent after migration. This refreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on Non-Uniform Memory Access (NUMA) systems with certain memory configurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function incorrectly returned 0 depending on the parameters passed to it when the time to live (TTL) value equaled 255, possibly causing memory corruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508 advisory caused the Linux kernel's built-in memory copy procedure to return the wrong error code after recovering from a page fault on AMD64 and Intel 64 systems. This may have caused other Linux kernel functions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which may have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when slave interfaces of bonded network interfaces were started, resulting in a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running Red Hat Virtualization. This may have caused problems for third-party software that checks virtualization-ability based on the existence of '/proc/xen/'. Note: this update will remove the '/proc/xen/' directory on systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2009-01-15T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3275", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5300", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0014.NASL", "href": "https://www.tenable.com/plugins/nessus/35381", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0014. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35381);\n script_version(\"1.32\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n script_bugtraq_id(30647, 32093, 32154, 32289);\n script_xref(name:\"RHSA\", value:\"2009:0014\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:0014)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a local denial of service.\n(CVE-2008-5029, Important)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to make a\nseries of file creations within deleted directories, possibly causing\na denial of service. (CVE-2008-3275, Moderate)\n\n* a buffer underflow flaw was found in the Linux kernel IB700 SBC\nwatchdog timer driver. This deficiency could lead to a possible\ninformation leak. By default, the '/dev/watchdog' device is accessible\nonly to the root user. (CVE-2008-5702, Low)\n\n* the hfs and hfsplus file systems code failed to properly handle\ncorrupted data structures. This could, potentially, lead to a local\ndenial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the hfsplus file system implementation. This\ncould, potentially, lead to a local denial of service when write\noperations were performed. (CVE-2008-4934, Low)\n\nThis update also fixes the following bugs :\n\n* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems\nrunning Intel(r) CPUs, the cpuspeed daemon did not run, preventing the\nCPU speed from being changed, such as not being reduced to an idle\nstate when not in use.\n\n* mmap() could be used to gain access to beyond the first megabyte of\nRAM, due to insufficient checks in the Linux kernel code. Checks have\nbeen added to prevent this.\n\n* attempting to turn keyboard LEDs on and off rapidly on keyboards\nwith slow keyboard controllers, may have caused key presses to fail.\n\n* after migrating a hypervisor guest, the MAC address table was not\nupdated, causing packet loss and preventing network connections to the\nguest. Now, a gratuitous ARP request is sent after migration. This\nrefreshes the ARP caches, minimizing network downtime.\n\n* writing crash dumps with diskdump may have caused a kernel panic on\nNon-Uniform Memory Access (NUMA) systems with certain memory\nconfigurations.\n\n* on big-endian systems, such as PowerPC, the getsockopt() function\nincorrectly returned 0 depending on the parameters passed to it when\nthe time to live (TTL) value equaled 255, possibly causing memory\ncorruption and application crashes.\n\n* a problem in the kernel packages provided by the RHSA-2008:0508\nadvisory caused the Linux kernel's built-in memory copy procedure to\nreturn the wrong error code after recovering from a page fault on\nAMD64 and Intel 64 systems. This may have caused other Linux kernel\nfunctions to return wrong error codes.\n\n* a divide-by-zero bug in the Linux kernel process scheduler, which\nmay have caused kernel panics on certain systems, has been resolved.\n\n* the netconsole kernel module caused the Linux kernel to hang when\nslave interfaces of bonded network interfaces were started, resulting\nin a system hang or kernel panic when restarting the network.\n\n* the '/proc/xen/' directory existed even if systems were not running\nRed Hat Virtualization. This may have caused problems for third-party\nsoftware that checks virtualization-ability based on the existence of\n'/proc/xen/'. Note: this update will remove the '/proc/xen/' directory\non systems not running Red Hat Virtualization.\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0014\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-3275\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2008-5702\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0014\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0014\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.13.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:35", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nBuffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n(CVE-2008-4933)\n\nThe hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image. (CVE-2008-4934)\n\nThe __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\nAdditionaly, support for a broadcom bluetooth dongle was added to btusb driver, an eeepc shutdown hang caused by snd-hda-intel was fixed, a Realtek auto-mute bug was fixed, the pcspkr driver was reenabled, an acpi brightness setting issue on some laptops was fixed, sata_nv (NVidia) driver bugs were fixed, horizontal mousewheel scrolling with Logitech V150 mouse was fixed, and more. Check the changelog and related bugs for more details.\n\nThis kernel also fixes the driver for Intel G45/GM45 video chipsets, in a way requiring also an updated Xorg driver, which is also being provided in this update.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:234)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5029"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "p-cpe:/a:mandriva:linux:x11-driver-video-intel", "p-cpe:/a:mandriva:linux:x11-driver-video-intel-fast-i830", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2008-234.NASL", "href": "https://www.tenable.com/plugins/nessus/38027", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:234. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38027);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5029\");\n script_xref(name:\"MDVSA\", value:\"2008:234\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:234)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nBuffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows\nattackers to cause a denial of service (memory corruption or system\ncrash) via an hfsplus filesystem image with an invalid catalog\nnamelength field, related to the hfsplus_cat_build_key_uni function.\n(CVE-2008-4933)\n\nThe hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the\nLinux kernel before 2.6.28-rc1 does not check a certain return value\nfrom the read_mapping_page function before calling kmap, which allows\nattackers to cause a denial of service (system crash) via a crafted\nhfsplus filesystem image. (CVE-2008-4934)\n\nThe __scm_destroy function in net/core/scm.c in the Linux kernel\n2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself\nthrough calls to the fput function, which allows local users to cause\na denial of service (panic) via vectors related to sending an\nSCM_RIGHTS message through a UNIX domain socket and closing file\ndescriptors. (CVE-2008-5029)\n\nAdditionaly, support for a broadcom bluetooth dongle was added to\nbtusb driver, an eeepc shutdown hang caused by snd-hda-intel was\nfixed, a Realtek auto-mute bug was fixed, the pcspkr driver was\nreenabled, an acpi brightness setting issue on some laptops was fixed,\nsata_nv (NVidia) driver bugs were fixed, horizontal mousewheel\nscrolling with Logitech V150 mouse was fixed, and more. Check the\nchangelog and related bugs for more details.\n\nThis kernel also fixes the driver for Intel G45/GM45 video chipsets,\nin a way requiring also an updated Xorg driver, which is also being\nprovided in this update.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45618\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:x11-driver-video-intel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:x11-driver-video-intel-fast-i830\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.5-desktop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.5-desktop586-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.5-server-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081121.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081121.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081121.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.5-desktop-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.5-desktop586-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.5-server-2mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20081121.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081121.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20081121.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.5-desktop-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.5-desktop586-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.5-server-2mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.5-desktop-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.5-desktop586-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.5-server-2mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20081121.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.5-desktop-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.5-desktop586-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.5-server-2mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.5-desktop-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.5-desktop586-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.5-server-2mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.5-desktop-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.5-desktop586-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.5-server-2mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.5-desktop-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.5-desktop586-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.5-server-2mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.5-desktop-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.5-desktop586-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.5-server-2mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.5-desktop-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.5-desktop586-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.5-server-2mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.5-2mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.5-2mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.5-desktop-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.5-desktop586-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.5-server-2mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20081121.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20081121.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20081121.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.5-desktop-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.5-desktop586-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.5-server-2mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20081121.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20081121.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20081121.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.5-desktop-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.5-desktop586-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.5-server-2mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20081121.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20081121.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20081121.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.5-desktop-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.5-desktop586-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.5-server-2mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20081121.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20081121.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20081121.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.5-desktop-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.5-desktop586-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.5-server-2mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20081121.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20081121.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20081121.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.5-desktop-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.5-desktop586-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.5-server-2mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20081121.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.5-desktop-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.5-desktop586-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.5-server-2mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.5-desktop-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.5-desktop586-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.5-server-2mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.5-desktop-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.5-desktop586-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.5-server-2mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.5-desktop-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.5-desktop586-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.5-server-2mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20081121.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20081121.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20081121.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.5-desktop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.5-desktop586-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.5-server-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20081121.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20081121.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20081121.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.5-desktop-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.5-desktop586-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.5-server-2mnb-1.5.8-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.8-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.8-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.8-1.20081121.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.5-desktop-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.5-desktop586-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.5-server-2mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20081121.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20081121.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20081121.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.5-desktop-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.5-desktop586-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.5-server-2mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.5-desktop-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.5-desktop586-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.5-server-2mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.5-desktop-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.5-desktop586-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.5-server-2mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20081121.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081121.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20081121.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.5-desktop-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.5-desktop586-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.5-server-2mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20081121.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20081121.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20081121.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.5-desktop-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.5-desktop586-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.5-server-2mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20081121.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.5-desktop-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.5-desktop586-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.5-server-2mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.5-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.5-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.5-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.5-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.5-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.5-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.5-desktop-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.5-desktop586-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.5-server-2mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20081121.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20081121.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20081121.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.5-desktop-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.5-desktop586-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.5-server-2mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20081121.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.5-desktop-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.5-desktop586-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.5-server-2mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20081121.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"x11-driver-video-intel-2.4.2-7.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"x11-driver-video-intel-fast-i830-2.4.2-7.4mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:11", "description": "The openSUSE 10.3 kernel was updated to fix various security problems and bugs. Following security bugs were fixed :\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-5134: Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem allowed remote attackers to have an unknown impact via an 'invalid beacon/probe response.'\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.", "cvss3": {}, "published": "2009-01-22T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-5920)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_KERNEL-5920.NASL", "href": "https://www.tenable.com/plugins/nessus/35446", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5920.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35446);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5920)\");\n script_summary(english:\"Check for the kernel-5920 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 10.3 kernel was updated to fix various security problems\nand bugs. Following security bugs were fixed :\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-5134: Buffer overflow in the lbs_process_bss function in\ndrivers/net/wireless/libertas/scan.c in the libertas subsystem allowed\nremote attackers to have an unknown impact via an 'invalid\nbeacon/probe response.'\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:24", "description": "This update fixes various security issues and several bugs in the openSUSE 11.0 kernel. It was also updated to the stable version 2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a denial of service ('soft lockup' and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5700", "CVE-2008-5702"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-090114.NASL", "href": "https://www.tenable.com/plugins/nessus/40011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-423.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40011);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-423)\");\n script_summary(english:\"Check for the kernel-423 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues and several bugs in the\nopenSUSE 11.0 kernel. It was also updated to the stable version\n2.6.25.20.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c might allow local users to have an unknown\nimpact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-5700: libata did not set minimum timeouts for SG_IO requests,\nwhich allows local users to cause a denial of service (Programmed I/O\nmode on drives) via multiple simultaneous invocations of an\nunspecified test program.\n\nCVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users\nto cause a denial of service (kernel infinite loop) by making two\ncalls to svc_listen for the same socket, and then reading a\n/proc/net/atm/*vc file, related to corruption of the vcc table.\n\nCVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a\ndenial of service ('soft lockup' and process loss) via a large number\nof sendmsg function calls, which does not block during AF_UNIX garbage\ncollection and triggers an OOM condition, a different vulnerability\nthan CVE-2008-5029.\n\nCVE-2008-5029: The __scm_destroy function in net/core/scm.c makes\nindirect recursive calls to itself through calls to the fput function,\nwhich allows local users to cause a denial of service (panic) via\nvectors related to sending an SCM_RIGHTS message through a UNIX domain\nsocket and closing file descriptors.\n\nCVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in\nfs/hfsplus/catalog.c allowed attackers to cause a denial of service\n(memory corruption or system crash) via an hfsplus filesystem image\nwith an invalid catalog namelength field, related to the\nhfsplus_cat_build_key_uni function.\n\nCVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec\nfunction in fs/hfs/catalog.c allowed attackers to cause a denial of\nservice (memory corruption or system crash) via an hfs filesystem\nimage with an invalid catalog namelength field, a related issue to\nCVE-2008-4933.\n\nCVE-2008-5182: The inotify functionality might allow local users to\ngain privileges via unknown vectors related to race conditions in\ninotify watch removal and umount.\n\nCVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not\nrestrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager\n(DRM) master, which allows local users to cause a denial of service\n(memory corruption) via a crafted ioctl call, related to absence of\nthe DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c did not\nreject file descriptors that have the O_APPEND flag set, which allows\nlocal users to bypass append mode and make arbitrary changes to other\nlocations in the file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=362850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=371657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=399966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=405546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=419250\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=429919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=439461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=442594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=443661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=445569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=446973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=447406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=450417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=457898\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:08", "description": "The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix some security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/ *vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5927)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5927.NASL", "href": "https://www.tenable.com/plugins/nessus/59135", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59135);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5927)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix\nsome security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users\n to cause a denial of service (kernel infinite loop) by\n making two calls to svc_listen for the same socket, and\n then reading a /proc/net/atm/ *vc file, related to\n corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes\n indirect recursive calls to itself through calls to the\n fput function, which allows local users to cause a\n denial of service (panic) via vectors related to sending\n an SCM_RIGHTS message through a UNIX domain socket and\n closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in\n fs/hfsplus/catalog.c allowed attackers to cause a denial\n of service (memory corruption or system crash) via an\n hfsplus filesystem image with an invalid catalog\n namelength field, related to the\n hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec\n function in fs/hfs/catalog.c allowed attackers to cause\n a denial of service (memory corruption or system crash)\n via an hfs filesystem image with an invalid catalog\n namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to\n gain privileges via unknown vectors related to race\n conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the\nRPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4933.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5182.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5927.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:53", "description": "The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix some security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/ *vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c allowed attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5924)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5924.NASL", "href": "https://www.tenable.com/plugins/nessus/41537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41537);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5924)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix\nsome security issues and various bugs.\n\nThe following security problems have been fixed :\n\n - net/atm/svc.c in the ATM subsystem allowed local users\n to cause a denial of service (kernel infinite loop) by\n making two calls to svc_listen for the same socket, and\n then reading a /proc/net/atm/ *vc file, related to\n corruption of the vcc table. (CVE-2008-5079)\n\n - The __scm_destroy function in net/core/scm.c makes\n indirect recursive calls to itself through calls to the\n fput function, which allows local users to cause a\n denial of service (panic) via vectors related to sending\n an SCM_RIGHTS message through a UNIX domain socket and\n closing file descriptors. (CVE-2008-5029)\n\n - Buffer overflow in the hfsplus_find_cat function in\n fs/hfsplus/catalog.c allowed attackers to cause a denial\n of service (memory corruption or system crash) via an\n hfsplus filesystem image with an invalid catalog\n namelength field, related to the\n hfsplus_cat_build_key_uni function. (CVE-2008-4933)\n\n - Stack-based buffer overflow in the hfs_cat_find_brec\n function in fs/hfs/catalog.c allowed attackers to cause\n a denial of service (memory corruption or system crash)\n via an hfs filesystem image with an invalid catalog\n namelength field, a related issue to CVE-2008-4933.\n (CVE-2008-5025)\n\n - The inotify functionality might allow local users to\n gain privileges via unknown vectors related to race\n conditions in inotify watch removal and umount.\n (CVE-2008-5182)\n\nA lot of other bugs were fixed, a detailed list can be found in the\nRPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4933.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5025.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5182.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5924.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.34\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.34\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:09", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-3527 Tavis Ormandy reported a local DoS and potential privilege escalation in the Virtual Dynamic Shared Objects (vDSO) implementation.\n\n - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop.\n\n - CVE-2008-4554 Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576 Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops.\n\n - CVE-2008-4933 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption.\n\n - CVE-2008-4934 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value.\n\n - CVE-2008-5025 Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029 Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic.\n\n - CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc.\n\n - CVE-2008-5182 Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges.\n\n - CVE-2008-5300 Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.", "cvss3": {}, "published": "2008-12-16T00:00:00", "type": "nessus", "title": "Debian DSA-1687-1 : linux-2.6 - denial of service/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3527", "CVE-2008-3528", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1687.NASL", "href": "https://www.tenable.com/plugins/nessus/35174", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1687. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35174);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3527\", \"CVE-2008-3528\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\");\n script_bugtraq_id(31634, 31903, 32093, 32154, 32289, 32676);\n script_xref(name:\"DSA\", value:\"1687\");\n\n script_name(english:\"Debian DSA-1687-1 : linux-2.6 - denial of service/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-3527\n Tavis Ormandy reported a local DoS and potential\n privilege escalation in the Virtual Dynamic Shared\n Objects (vDSO) implementation.\n\n - CVE-2008-3528\n Eugene Teo reported a local DoS issue in the ext2 and\n ext3 filesystems. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a corrupted filesystem that causes the kernel\n to output error messages in an infinite loop.\n\n - CVE-2008-4554\n Milos Szeredi reported that the usage of splice() on\n files opened with O_APPEND allows users to write to the\n file at arbitrary offsets, enabling a bypass of possible\n assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576\n Vlad Yasevich reported an issue in the SCTP subsystem\n that may allow remote users to cause a local DoS by\n triggering a kernel oops.\n\n - CVE-2008-4933\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that causes the\n kernel to overrun a buffer, resulting in a system oops\n or memory corruption.\n\n - CVE-2008-4934\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that results in a\n kernel oops due to an unchecked return value.\n\n - CVE-2008-5025\n Eric Sesterhenn reported a local DoS issue in the hfs\n filesystem. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a filesystem with a corrupted catalog name\n length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029\n Andrea Bittau reported a DoS issue in the unix socket\n subsystem that allows a local user to cause memory\n corruption, resulting in a kernel panic.\n\n - CVE-2008-5079\n Hugo Dias reported a DoS condition in the ATM subsystem\n that can be triggered by a local user by calling the\n svc_listen function twice on the same socket and reading\n /proc/net/atm/*vc.\n\n - CVE-2008-5182\n Al Viro reported race conditions in the inotify\n subsystem that may allow local users to acquire elevated\n privileges.\n\n - CVE-2008-5300\n Dann Frazier reported a DoS condition that allows local\n users to cause the out of memory handler to kill off\n privileged processes or trigger soft lockups due to a\n starvation issue in the unix socket subsystem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1687\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-23etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-23etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:00", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop.\n\n - CVE-2008-4554 Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576 Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops.\n\n - CVE-2008-4618 Wei Yongjun reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel panic.\n\n - CVE-2008-4933 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption.\n\n - CVE-2008-4934 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value.\n\n - CVE-2008-5025 Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029 Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic.\n\n - CVE-2008-5134 Johannes Berg reported a remote DoS issue in the libertas wireless driver, which can be triggered by a specially crafted beacon/probe response.\n\n - CVE-2008-5182 Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges.\n\n - CVE-2008-5300 Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.", "cvss3": {}, "published": "2008-12-05T00:00:00", "type": "nessus", "title": "Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4618", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1681.NASL", "href": "https://www.tenable.com/plugins/nessus/35036", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1681. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35036);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_bugtraq_id(31634, 31903, 32093, 32154, 32289);\n script_xref(name:\"DSA\", value:\"1681\");\n\n script_name(english:\"Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-3528\n Eugene Teo reported a local DoS issue in the ext2 and\n ext3 filesystems. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a corrupted filesystem that causes the kernel\n to output error messages in an infinite loop.\n\n - CVE-2008-4554\n Milos Szeredi reported that the usage of splice() on\n files opened with O_APPEND allows users to write to the\n file at arbitrary offsets, enabling a bypass of possible\n assumed semantics of the O_APPEND flag.\n\n - CVE-2008-4576\n Vlad Yasevich reported an issue in the SCTP subsystem\n that may allow remote users to cause a local DoS by\n triggering a kernel oops.\n\n - CVE-2008-4618\n Wei Yongjun reported an issue in the SCTP subsystem that\n may allow remote users to cause a local DoS by\n triggering a kernel panic.\n\n - CVE-2008-4933\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that causes the\n kernel to overrun a buffer, resulting in a system oops\n or memory corruption.\n\n - CVE-2008-4934\n Eric Sesterhenn reported a local DoS issue in the\n hfsplus filesystem. Local users who have been granted\n the privileges necessary to mount a filesystem would be\n able to craft a corrupted filesystem that results in a\n kernel oops due to an unchecked return value.\n\n - CVE-2008-5025\n Eric Sesterhenn reported a local DoS issue in the hfs\n filesystem. Local users who have been granted the\n privileges necessary to mount a filesystem would be able\n to craft a filesystem with a corrupted catalog name\n length, resulting in a system oops or memory corruption.\n\n - CVE-2008-5029\n Andrea Bittau reported a DoS issue in the unix socket\n subsystem that allows a local user to cause memory\n corruption, resulting in a kernel panic.\n\n - CVE-2008-5134\n Johannes Berg reported a remote DoS issue in the\n libertas wireless driver, which can be triggered by a\n specially crafted beacon/probe response.\n\n - CVE-2008-5182\n Al Viro reported race conditions in the inotify\n subsystem that may allow local users to acquire elevated\n privileges.\n\n - CVE-2008-5300\n Dann Frazier reported a DoS condition that allows local\n users to cause the out of memory handler to kill off\n privileged processes or trigger soft lockups due to a\n starvation issue in the unix socket subsystem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4618\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1681\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 264, 287, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:50", "description": "From Red Hat Security Advisory 2009:0264 :\n\nUpdated kernel packages that resolve several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with many cores. An attacker who could send a large amount of network traffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write operations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics appeared seemingly at random. These panics were caused by a race condition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller timespec value than the result of previous clock_gettime() function execution, which resulted in a negative, and nonsensical, elapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was usually ignored and ended up unconditionally creating the RPC client with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the credentials needed to be refreshed. The credops did not match the authorization type, which resulted in the credops dereferencing an incorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the end of the user buffer and the kernel jumped to the exception table entry, the rsi register was not cleared. This resulted in exiting back to user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the data traced was incorrect and the SAN payload was read from a different place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was not possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times and, at some point, a thread forked a child and then attempted to call the setpgid() function, then this function failed and returned and ESRCH error value.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. Note: for this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2009-0264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5713", "CVE-2009-0031", "CVE-2009-0065"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0264.NASL", "href": "https://www.tenable.com/plugins/nessus/67800", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0264 and \n# Oracle Linux Security Advisory ELSA-2009-0264 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67800);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n script_bugtraq_id(32093, 32289, 33113);\n script_xref(name:\"RHSA\", value:\"2009:0264\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2009-0264)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0264 :\n\nUpdated kernel packages that resolve several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw\nto deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream\nControl Transmission Protocol (PR-SCTP) implementation. This could,\npotentially, lead to a denial of service if a Forward-TSN chunk is\nreceived with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with\nmany cores. An attacker who could send a large amount of network\ntraffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to\nproperly handle corrupted data structures. This could, potentially,\nlead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write\noperations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics\nappeared seemingly at random. These panics were caused by a race\ncondition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a\nsmaller timespec value than the result of previous clock_gettime()\nfunction execution, which resulted in a negative, and nonsensical,\nelapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was\nusually ignored and ended up unconditionally creating the RPC client\nwith an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when\nthe credentials needed to be refreshed. The credops did not match the\nauthorization type, which resulted in the credops dereferencing an\nincorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the\nend of the user buffer and the kernel jumped to the exception table\nentry, the rsi register was not cleared. This resulted in exiting back\nto user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the\ndata traced was incorrect and the SAN payload was read from a\ndifferent place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was\nnot possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times\nand, at some point, a thread forked a child and then attempted to call\nthe setpgid() function, then this function failed and returned and\nESRCH error value.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Note: for this update to\ntake effect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-February/000886.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0264\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-128.1.1.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-128.1.1.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:32", "description": "This update addresses the following security issues :\n\n - a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service. (CVE-2009-0031, Important)\n\n - a buffer overflow in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n - a flaw when handling heavy network traffic on an SMP system with many cores. An attacker who could send a large amount of network traffic could create a denial of service. (CVE-2008-5713, Important)\n\n - the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures.\n This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the HFS Plus (HFS+) file system implementation. This could, potentially, lead to a local denial of service when write operations are performed.\n (CVE-2008-4934, Low)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A local, unprivileged user could use the flaw to listen on the same socket more than once, possibly causing a denial of service. (CVE-2008-5079, Important)\n\n - a race condition was found in the Linux kernel 'inotify' watch removal and umount implementation. This could allow a local, unprivileged user to cause a privilege escalation or a denial of service. (CVE-2008-5182, Important)\n\n** Bug fixes and enhancements are provided for :\n\n - support for specific NICs, including products from the following manufacturers: Broadcom Chelsio Cisco Intel Marvell NetXen Realtek Sun\n\n - Fiber Channel support, including support for Qlogic qla2xxx, qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.\n\n - support for various CPUs, including: AMD Opteron processors with 45 nm SOI ('Shanghai') AMD Turion Ultra processors Cell processors Intel Core i7 processors\n\n - Xen support, including issues specific to the IA64 platform, systems using AMD processors, and Dell Optiplex GX280 systems\n\n - ext3, ext4, GFS2, NFS, and SPUFS\n\n - Infiniband (including eHCA, eHEA, and IPoIB) support\n\n - common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support\n\n - the kernel distributed lock manager (DLM)\n\n - hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial connections, tape-drives, and USB\n\n - ACPI, some of a general nature and some related to specific hardware including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and certain machines based on Intel Centrino processor technology.\n\n - CIFS, including Kerberos support and a tech-preview of DFS support\n\n - networking support, including IPv6, PPPoE, and IPSec\n\n - support for Intel chipsets, including: Intel Cantiga chipsets Intel Eagle Lake chipsets Intel i915 chipsets Intel i965 chipsets Intel Ibex Peak chipsets Intel chipsets offering QuickPath Interconnects (QPI)\n\n - device mapping issues, including some in device mapper itself\n\n - various issues specific to IA64 and PPC\n\n - CCISS, including support for Compaq SMART Array controllers P711m and P712m and other new hardware\n\n - various issues affecting specific HP systems, including:\n DL785G5 XW4800 XW8600 XW8600 XW9400\n\n - IOMMU support, including specific issues with AMD and IBM Calgary hardware\n\n - the audit subsystem\n\n - DASD support\n\n - iSCSI support, including issues specific to Chelsio T3 adapters\n\n - LVM issues\n\n - SCTP management information base (MIB) support\n\n - issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace\n\n - platforms using Intel Enhanced Error Handling (EEH)\n\n - EDAC issues for AMD K8 and Intel i5000\n\n - ALSA, including support for new hardware\n\n - futex support\n\n - hugepage support\n\n - Intelligent Platform Management Interface (IPMI) support\n\n - issues affecting NEC/Stratus servers\n\n - OFED support\n\n - SELinux\n\n - various Virtio issues\n\n - when using the nfsd daemon in a clustered setup, kernel panics appeared seemingly at random. These panics were caused by a race condition in the device-mapper mirror target.\n\n - the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller timespec value than the result of previous clock_gettime() function execution, which resulted in a negative, and nonsensical, elapsed time value.\n\n - nfs_create_rpc_client was called with a 'flavor' parameter which was usually ignored and ended up unconditionally creating the RPC client with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the credentials needed to be refreshed. The credops did not match the authorization type, which resulted in the credops dereferencing an incorrect part of the AUTH_UNIX rpc_auth struct.\n\n - when copy_user_c terminated prematurely due to reading beyond the end of the user buffer and the kernel jumped to the exception table entry, the rsi register was not cleared. This resulted in exiting back to user code with garbage in the rsi register.\n\n - the hexdump data in s390dbf traces was incomplete. The length of the data traced was incorrect and the SAN payload was read from a different place then it was written to.\n\n - when using connected mode (CM) in IPoIB on ehca2 hardware, it was not possible to transmit any data.\n\n - when an application called fork() and pthread_create() many times and, at some point, a thread forked a child and then attempted to call the setpgid() function, then this function failed and returned and ESRCH error value.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5713", "CVE-2009-0031", "CVE-2009-0065"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090210_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60532);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - a memory leak in keyctl handling. A local user could use\n this flaw to deplete kernel memory, eventually leading\n to a denial of service. (CVE-2009-0031, Important)\n\n - a buffer overflow in the Linux kernel Partial Reliable\n Stream Control Transmission Protocol (PR-SCTP)\n implementation. This could, potentially, lead to a\n denial of service if a Forward-TSN chunk is received\n with a large stream ID. (CVE-2009-0065, Important)\n\n - a flaw when handling heavy network traffic on an SMP\n system with many cores. An attacker who could send a\n large amount of network traffic could create a denial of\n service. (CVE-2008-5713, Important)\n\n - the code for the HFS and HFS Plus (HFS+) file systems\n failed to properly handle corrupted data structures.\n This could, potentially, lead to a local denial of\n service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n - a flaw was found in the HFS Plus (HFS+) file system\n implementation. This could, potentially, lead to a local\n denial of service when write operations are performed.\n (CVE-2008-4934, Low)\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This could,\n potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - a flaw was found in the Asynchronous Transfer Mode (ATM)\n subsystem. A local, unprivileged user could use the flaw\n to listen on the same socket more than once, possibly\n causing a denial of service. (CVE-2008-5079, Important)\n\n - a race condition was found in the Linux kernel 'inotify'\n watch removal and umount implementation. This could\n allow a local, unprivileged user to cause a privilege\n escalation or a denial of service. (CVE-2008-5182,\n Important)\n\n** Bug fixes and enhancements are provided for :\n\n - support for specific NICs, including products from the\n following manufacturers: Broadcom Chelsio Cisco Intel\n Marvell NetXen Realtek Sun\n\n - Fiber Channel support, including support for Qlogic\n qla2xxx, qla4xxx, and qla84xx HBAs and the FCoE, FCP,\n and zFCP protocols.\n\n - support for various CPUs, including: AMD Opteron\n processors with 45 nm SOI ('Shanghai') AMD Turion Ultra\n processors Cell processors Intel Core i7 processors\n\n - Xen support, including issues specific to the IA64\n platform, systems using AMD processors, and Dell\n Optiplex GX280 systems\n\n - ext3, ext4, GFS2, NFS, and SPUFS\n\n - Infiniband (including eHCA, eHEA, and IPoIB) support\n\n - common I/O (CIO), direct I/O (DIO), and queued direct\n I/O (qdio) support\n\n - the kernel distributed lock manager (DLM)\n\n - hardware issues with: SCSI, IEEE 1394 (FireWire), RAID\n (including issues specific to Adaptec controllers), SATA\n (including NCQ), PCI, audio, serial connections,\n tape-drives, and USB\n\n - ACPI, some of a general nature and some related to\n specific hardware including: certain Lenovo Thinkpad\n notebooks, HP DC7700 systems, and certain machines based\n on Intel Centrino processor technology.\n\n - CIFS, including Kerberos support and a tech-preview of\n DFS support\n\n - networking support, including IPv6, PPPoE, and IPSec\n\n - support for Intel chipsets, including: Intel Cantiga\n chipsets Intel Eagle Lake chipsets Intel i915 chipsets\n Intel i965 chipsets Intel Ibex Peak chipsets Intel\n chipsets offering QuickPath Interconnects (QPI)\n\n - device mapping issues, including some in device mapper\n itself\n\n - various issues specific to IA64 and PPC\n\n - CCISS, including support for Compaq SMART Array\n controllers P711m and P712m and other new hardware\n\n - various issues affecting specific HP systems, including:\n DL785G5 XW4800 XW8600 XW8600 XW9400\n\n - IOMMU support, including specific issues with AMD and\n IBM Calgary hardware\n\n - the audit subsystem\n\n - DASD support\n\n - iSCSI support, including issues specific to Chelsio T3\n adapters\n\n - LVM issues\n\n - SCTP management information base (MIB) support\n\n - issues with: autofs, kdump, kobject_add, libata, lpar,\n ptrace, and utrace\n\n - platforms using Intel Enhanced Error Handling (EEH)\n\n - EDAC issues for AMD K8 and Intel i5000\n\n - ALSA, including support for new hardware\n\n - futex support\n\n - hugepage support\n\n - Intelligent Platform Management Interface (IPMI) support\n\n - issues affecting NEC/Stratus servers\n\n - OFED support\n\n - SELinux\n\n - various Virtio issues\n\n - when using the nfsd daemon in a clustered setup, kernel\n panics appeared seemingly at random. These panics were\n caused by a race condition in the device-mapper mirror\n target.\n\n - the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall\n returned a smaller timespec value than the result of\n previous clock_gettime() function execution, which\n resulted in a negative, and nonsensical, elapsed time\n value.\n\n - nfs_create_rpc_client was called with a 'flavor'\n parameter which was usually ignored and ended up\n unconditionally creating the RPC client with an\n AUTH_UNIX flavor. This caused problems on AUTH_GSS\n mounts when the credentials needed to be refreshed. The\n credops did not match the authorization type, which\n resulted in the credops dereferencing an incorrect part\n of the AUTH_UNIX rpc_auth struct.\n\n - when copy_user_c terminated prematurely due to reading\n beyond the end of the user buffer and the kernel jumped\n to the exception table entry, the rsi register was not\n cleared. This resulted in exiting back to user code with\n garbage in the rsi register.\n\n - the hexdump data in s390dbf traces was incomplete. The\n length of the data traced was incorrect and the SAN\n payload was read from a different place then it was\n written to.\n\n - when using connected mode (CM) in IPoIB on ehca2\n hardware, it was not possible to transmit any data.\n\n - when an application called fork() and pthread_create()\n many times and, at some point, a thread forked a child\n and then attempted to call the setpgid() function, then\n this function failed and returned and ESRCH error value.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0902&L=scientific-linux-errata&T=0&P=2076\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4528f07\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-128.1.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-128.1.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:55", "description": "Updated kernel packages that resolve several security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw to deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with many cores. An attacker who could send a large amount of network traffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to properly handle corrupted data structures. This could, potentially, lead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write operations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics appeared seemingly at random. These panics were caused by a race condition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller timespec value than the result of previous clock_gettime() function execution, which resulted in a negative, and nonsensical, elapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was usually ignored and ended up unconditionally creating the RPC client with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the credentials needed to be refreshed. The credops did not match the authorization type, which resulted in the credops dereferencing an incorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the end of the user buffer and the kernel jumped to the exception table entry, the rsi register was not cleared. This resulted in exiting back to user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the data traced was incorrect and the SAN payload was read from a different place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was not possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times and, at some point, a thread forked a child and then attempted to call the setpgid() function, then this function failed and returned and ESRCH error value.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. Note: for this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2009-02-12T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0264)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5713", "CVE-2009-0031", "CVE-2009-0065"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0264.NASL", "href": "https://www.tenable.com/plugins/nessus/35645", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0264. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35645);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n script_bugtraq_id(32093, 32289, 33113);\n script_xref(name:\"RHSA\", value:\"2009:0264\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0264)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a memory leak in keyctl handling. A local user could use this flaw\nto deplete kernel memory, eventually leading to a denial of service.\n(CVE-2009-0031, Important)\n\n* a buffer overflow in the Linux kernel Partial Reliable Stream\nControl Transmission Protocol (PR-SCTP) implementation. This could,\npotentially, lead to a denial of service if a Forward-TSN chunk is\nreceived with a large stream ID. (CVE-2009-0065, Important)\n\n* a flaw when handling heavy network traffic on an SMP system with\nmany cores. An attacker who could send a large amount of network\ntraffic could create a denial of service. (CVE-2008-5713, Important)\n\n* the code for the HFS and HFS Plus (HFS+) file systems failed to\nproperly handle corrupted data structures. This could, potentially,\nlead to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)\n\n* a flaw was found in the HFS Plus (HFS+) file system implementation.\nThis could, potentially, lead to a local denial of service when write\noperations are performed. (CVE-2008-4934, Low)\n\nIn addition, these updated packages fix the following bugs :\n\n* when using the nfsd daemon in a clustered setup, kernel panics\nappeared seemingly at random. These panics were caused by a race\ncondition in the device-mapper mirror target.\n\n* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a\nsmaller timespec value than the result of previous clock_gettime()\nfunction execution, which resulted in a negative, and nonsensical,\nelapsed time value.\n\n* nfs_create_rpc_client was called with a 'flavor' parameter which was\nusually ignored and ended up unconditionally creating the RPC client\nwith an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when\nthe credentials needed to be refreshed. The credops did not match the\nauthorization type, which resulted in the credops dereferencing an\nincorrect part of the AUTH_UNIX rpc_auth struct.\n\n* when copy_user_c terminated prematurely due to reading beyond the\nend of the user buffer and the kernel jumped to the exception table\nentry, the rsi register was not cleared. This resulted in exiting back\nto user code with garbage in the rsi register.\n\n* the hexdump data in s390dbf traces was incomplete. The length of the\ndata traced was incorrect and the SAN payload was read from a\ndifferent place then it was written to.\n\n* when using connected mode (CM) in IPoIB on ehca2 hardware, it was\nnot possible to transmit any data.\n\n* when an application called fork() and pthread_create() many times\nand, at some point, a thread forked a child and then attempted to call\nthe setpgid() function, then this function failed and returned and\nESRCH error value.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Note: for this update to\ntake effect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0264\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5713\", \"CVE-2009-0031\", \"CVE-2009-0065\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0264\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0264\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-128.1.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-128.1.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:09", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.\n(CVE-2008-5033)\n\nStack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. (CVE-2008-5025)\n\nAdditionally, added enhancements for a newer revision of Nokia models 6300, XpressMusic 5200, 5610 and 7610, the support for the ub USB module was disabled, added fixes for the Wake On LAN feature of the r8169 module, added fixes for suspend and resume on the i915 module, added ALSA fixes for Intel HDA, added workaround for a bug on iwlagn, added the m5602 driver, fixed a crash on the ppscsi module, added fixes to the uvcvideo module.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:246)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5033"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.7-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest"], "id": "MANDRIVA_MDVSA-2008-246.NASL", "href": "https://www.tenable.com/plugins/nessus/37874", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:246. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37874);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5025\", \"CVE-2008-5033\");\n script_bugtraq_id(32094, 32289);\n script_xref(name:\"MDVSA\", value:\"2008:246\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:246)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe chip_command function in drivers/media/video/tvaudio.c in the\nLinux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and\n2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service\n(NULL function pointer dereference and OOPS) via unknown vectors.\n(CVE-2008-5033)\n\nStack-based buffer overflow in the hfs_cat_find_brec function in\nfs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows\nattackers to cause a denial of service (memory corruption or system\ncrash) via an hfs filesystem image with an invalid catalog namelength\nfield, a related issue to CVE-2008-4933. (CVE-2008-5025)\n\nAdditionally, added enhancements for a newer revision of Nokia models\n6300, XpressMusic 5200, 5610 and 7610, the support for the ub USB\nmodule was disabled, added fixes for the Wake On LAN feature of the\nr8169 module, added fixes for suspend and resume on the i915 module,\nadded ALSA fixes for Intel HDA, added workaround for a bug on iwlagn,\nadded the m5602 driver, fixed a crash on the ppscsi module, added\nfixes to the uvcvideo module.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/41782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45599\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.7-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.7-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.7-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.7-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.7-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081219.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081219.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081219.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.7-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.7-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.7-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20081219.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081219.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20081219.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.7-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.7-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.7-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.7-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.7-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.7-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20081219.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.7-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.7-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.7-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.7-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.7-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.7-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.7-desktop-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.7-desktop586-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.7-server-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.7-desktop-1mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.7-desktop586-1mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.7-server-1mnb-7.68.00.13-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.7-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.7-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.7-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.7-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.7-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.7-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.7-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.7-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.7-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.7-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.7-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20081219.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20081219.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20081219.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.7-desktop-1mnb-0.8.3-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.7-desktop586-1mnb-0.8.3-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.7-server-1mnb-0.8.3-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.7-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.7-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.7-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20081219.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20081219.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20081219.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.7-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.7-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.7-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20081219.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20081219.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20081219.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.7-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.7-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.7-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20081219.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20081219.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20081219.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.7-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.7-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.7-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20081219.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.7-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.7-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.7-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.7-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.7-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.7-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.7-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.7-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.7-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20081219.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.7-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.7-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.7-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20081219.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20081219.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20081219.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.7-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.7-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.7-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20081219.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20081219.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20081219.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.7-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.7-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.7-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.7-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.7-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.7-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20081219.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20081219.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20081219.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.7-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.7-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.7-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.7-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.7-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.7-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.7-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.7-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.7-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20081219.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081219.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20081219.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.7-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.7-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.7-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20081219.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20081219.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20081219.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.7-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.7-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.7-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20081219.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.7-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.7-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.7-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.7-desktop-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.7-desktop586-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.7-server-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.7-desktop-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.7-desktop586-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.7-server-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.7-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.7-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.7-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20081219.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20081219.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20081219.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.7-desktop-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.7-desktop586-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.7-server-1mnb-2.0.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20081219.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.7-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.7-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.7-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20081219.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:54", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nnet/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\nLinux kernel 2.6.28 allows local users to cause a denial of service (soft lockup and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. (CVE-2008-5300)\n\nAdditionaly, wireless and hotkeys support for Asus EEE were fixed, systems with HDA sound needing MSI support were added to the quirks list to be autodetected, STAC92HD71Bx and STAC92HD75Bx based HDA support was enhanced and fixed, support for HDA sound on Acer Aspire 8930 was added, Dell Inspiron Mini 9 HDA sound support was added, CIFS filesystem should now work with Kerberos, and a few more things. Check the package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:032)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5300"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.10-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest"], "id": "MANDRIVA_MDVSA-2009-032.NASL", "href": "https://www.tenable.com/plugins/nessus/37078", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:032. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37078);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5300\");\n script_bugtraq_id(32676);\n script_xref(name:\"MDVSA\", value:\"2009:032\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:032)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nnet/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and\nearlier allows local users to cause a denial of service (kernel\ninfinite loop) by making two calls to svc_listen for the same socket,\nand then reading a /proc/net/atm/*vc file, related to corruption of\nthe vcc table. (CVE-2008-5079)\n\nLinux kernel 2.6.28 allows local users to cause a denial of service\n(soft lockup and process loss) via a large number of sendmsg function\ncalls, which does not block during AF_UNIX garbage collection and\ntriggers an OOM condition, a different vulnerability than\nCVE-2008-5029. (CVE-2008-5300)\n\nAdditionaly, wireless and hotkeys support for Asus EEE were fixed,\nsystems with HDA sound needing MSI support were added to the quirks\nlist to be autodetected, STAC92HD71Bx and STAC92HD75Bx based HDA\nsupport was enhanced and fixed, support for HDA sound on Acer Aspire\n8930 was added, Dell Inspiron Mini 9 HDA sound support was added, CIFS\nfilesystem should now work with Kerberos, and a few more things. Check\nthe package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/43332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44855\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/44988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/45838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/46164\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.10-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.10-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.10-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090130.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090130.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090130.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.10-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.10-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.10-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20090130.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20090130.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20090130.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.10-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.10-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.10-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.10-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.10-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.10-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090130.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.10-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.10-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.10-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.10-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.10-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.10-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.10-desktop-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.10-server-1mnb-1.17-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.10-desktop-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.10-desktop586-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.10-server-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20090130.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20090130.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20090130.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.10-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.10-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.10-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.10-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.10-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.10-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.10-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.10-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.10-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.10-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.10-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090130.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090130.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090130.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.10-desktop-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.10-desktop586-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.10-server-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20090130.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20090130.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20090130.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.10-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.10-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.10-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090130.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090130.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20090130.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.10-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.10-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.10-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090130.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090130.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090130.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.10-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.10-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.10-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20090130.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20090130.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20090130.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.10-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.10-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.10-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20090130.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.10-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.10-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.10-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.10-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.10-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.10-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.10-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.10-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.10-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20090130.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.10-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.10-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.10-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20090130.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20090130.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20090130.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.10-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.10-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.10-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090130.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090130.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090130.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.10-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.10-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.10-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.10-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20090130.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20090130.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20090130.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.10-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.10-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.10-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.10-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.10-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.10-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.10-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.10-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.10-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20090130.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20090130.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20090130.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.10-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.10-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.10-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090130.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090130.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090130.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.10-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.10-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090130.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.10-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.10-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.10-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20090130.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.10-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.10-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.10-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.10-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.10-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.10-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.10-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.10-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.10-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20090130.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20090130.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20090130.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.10-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.10-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.10-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20090130.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.10-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.10-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.10-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090130.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:05", "description": "It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10. (CVE-2007-5498)\n\nIt was discovered the the i915 video driver did not correctly validate memory addresses. A local attacker could exploit this to remap memory that could cause a system crash, leading to a denial of service. This issue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu 7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as well. (CVE-2008-3831)\n\nDavid Watson discovered that the kernel did not correctly strip permissions when creating files in setgid directories. A local user could exploit this to gain additional group privileges. This issue only affected Ubuntu 6.06. (CVE-2008-4210)\n\nOlaf Kirch and Miklos Szeredi discovered that the Linux kernel did not correctly reject the 'append' flag when handling file splice requests.\nA local attacker could bypass append mode and make changes to arbitrary locations in a file. This issue only affected Ubuntu 7.10 and 8.04. (CVE-2008-4554)\n\nIt was discovered that the SCTP stack did not correctly handle INIT-ACK. A remote user could exploit this by sending specially crafted SCTP traffic which would trigger a crash in the system, leading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4576)\n\nIt was discovered that the SCTP stack did not correctly handle bad packet lengths. A remote user could exploit this by sending specially crafted SCTP traffic which would trigger a crash in the system, leading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4618)\n\nEric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a local user or automated system were tricked into mounting a malicious HFS+ filesystem, the system could crash, leading to a denial of service. (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n\nIt was discovered that the Unix Socket handler did not correctly process the SCM_RIGHTS message. A local attacker could make a malicious socket request that would crash the system, leading to a denial of service. (CVE-2008-5029)\n\nIt was discovered that the driver for simple i2c audio interfaces did not correctly validate certain function pointers. A local user could exploit this to gain root privileges or crash the system, leading to a denial of service. (CVE-2008-5033).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5498", "CVE-2008-3831", "CVE-2008-4210", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4618", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5033"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-53", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.22-16", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.24-22", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:fglrx-amdcccle", "p-cpe:/a:canonical:ubuntu_linux:fglrx-control", "p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-679-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37683", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-679-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37683);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n script_bugtraq_id(31368, 31634, 31792, 31903, 32093, 32094, 32154, 32289);\n script_xref(name:\"USN\", value:\"679-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Xen hypervisor block driver did not\ncorrectly validate requests. A user with root privileges in a guest OS\ncould make a malicious IO request with a large number of blocks that\nwould crash the host OS, leading to a denial of service. This only\naffected Ubuntu 7.10. (CVE-2007-5498)\n\nIt was discovered the the i915 video driver did not correctly validate\nmemory addresses. A local attacker could exploit this to remap memory\nthat could cause a system crash, leading to a denial of service. This\nissue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu\n7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as\nwell. (CVE-2008-3831)\n\nDavid Watson discovered that the kernel did not correctly strip\npermissions when creating files in setgid directories. A local user\ncould exploit this to gain additional group privileges. This issue\nonly affected Ubuntu 6.06. (CVE-2008-4210)\n\nOlaf Kirch and Miklos Szeredi discovered that the Linux kernel did not\ncorrectly reject the 'append' flag when handling file splice requests.\nA local attacker could bypass append mode and make changes to\narbitrary locations in a file. This issue only affected Ubuntu 7.10\nand 8.04. (CVE-2008-4554)\n\nIt was discovered that the SCTP stack did not correctly handle\nINIT-ACK. A remote user could exploit this by sending specially\ncrafted SCTP traffic which would trigger a crash in the system,\nleading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4576)\n\nIt was discovered that the SCTP stack did not correctly handle bad\npacket lengths. A remote user could exploit this by sending specially\ncrafted SCTP traffic which would trigger a crash in the system,\nleading to a denial of service. This issue did not affect Ubuntu 8.10.\n(CVE-2008-4618)\n\nEric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a\nlocal user or automated system were tricked into mounting a malicious\nHFS+ filesystem, the system could crash, leading to a denial of\nservice. (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n\nIt was discovered that the Unix Socket handler did not correctly\nprocess the SCM_RIGHTS message. A local attacker could make a\nmalicious socket request that would crash the system, leading to a\ndenial of service. (CVE-2008-5029)\n\nIt was discovered that the driver for simple i2c audio interfaces did\nnot correctly validate certain function pointers. A local user could\nexploit this to gain root privileges or crash the system, leading to a\ndenial of service. (CVE-2008-5033).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/679-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.22-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.24-22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-amdcccle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lbm-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lum-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ubuntu-modules-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-new-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-new-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-679-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware-2.6.15-53\", pkgver:\"3.11+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-control\", pkgver:\"8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-386\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-686\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-53-server\", pkgver:\"2.6.15-53.11\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-386\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-686\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-386\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-686\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-server\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-386\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-686\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-generic\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-k8\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-53.74\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.8776+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7174+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.0.0-8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.0.0-8.25.18+2.6.15.12-53.4\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"avm-fritz-firmware-2.6.22-16\", pkgver:\"3.11+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"fglrx-control\", pkgver:\"8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-386\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-generic\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-rt\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-server\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-ume\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-backports-modules-2.6.22-16-xen\", pkgver:\"2.6.22-16.17\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-386\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-generic\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-rt\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-2.6.22-16-xen\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.60\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-386\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-generic\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-rt\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-server\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-ume\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-virtual\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-ubuntu-modules-2.6.22-16-xen\", pkgver:\"2.6.22-16.41\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-new\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.9639+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7185+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"100.14.19+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8.37.6+2.6.22.4-16.12\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"avm-fritz-firmware-2.6.24-22\", pkgver:\"3.11+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-amdcccle\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-control\", pkgver:\"8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"fglrx-kernel-source\", pkgver:\"8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-386\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-generic\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-openvz\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-rt\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-server\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-virtual\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-backports-modules-2.6.24-22-xen\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-openvz\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-rt\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-22-xen\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-386\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-generic\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-openvz\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-rt\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-server\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-virtual\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lbm-2.6.24-22-xen\", pkgver:\"2.6.24-22.29\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-386\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-generic\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-openvz\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-rt\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-server\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-virtual\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-lum-2.6.24-22-xen\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-lpia\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-lpiacompat\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-openvz\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-rt\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-22-xen\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-386\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-generic\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-server\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-22-virtual\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-386\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-generic\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-openvz\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-rt\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-server\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-2.6.24-22-xen\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-22.45\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-386\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-generic\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-openvz\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-rt\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-server\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-virtual\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-ubuntu-modules-2.6.24-22-xen\", pkgver:\"2.6.24-22.35\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-dev\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-legacy\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-new\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-glx-new-dev\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-kernel-source\", pkgver:\"96.43.05+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"71.86.04+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"nvidia-new-kernel-source\", pkgver:\"169.12+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.1.0-8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.1.0-8-3+2.6.24.14-22.53\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-backports-modules-2.6.27-9-generic\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-backports-modules-2.6.27-9-server\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9-generic\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-9-server\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-lbm-2.6.27-9-generic\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-lbm-2.6.27-9-server\", pkgver:\"2.6.27-9.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-generic\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-server\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-9-virtual\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-9.19\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-2.6.27-9-generic\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-2.6.27-9-server\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.27-9.13\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-9.19\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avm-fritz-firmware-2.6.15-53 / avm-fritz-firmware-2.6.22-16 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T18:03:55", "description": "The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0225 advisory.\n\n - The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. (CVE-2008-5029)\n\n - net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\n - The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. (CVE-2008-5182)\n\n - Linux kernel 2.6.28 allows local users to cause a denial of service (soft lockup and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. (CVE-2008-5300)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : Oracle / Enterprise / Linux / 5.3 / kernel (ELSA-2009-0225)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2023-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5", "p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5pae", "p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5debug", "p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5xen", "p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5", "p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5pae", "p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5debug", "p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5xen"], "id": "ORACLELINUX_ELSA-2009-0225.NASL", "href": "https://www.tenable.com/plugins/nessus/180612", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2009-0225.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180612);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/08\");\n\n script_cve_id(\n \"CVE-2008-5029\",\n \"CVE-2008-5079\",\n \"CVE-2008-5182\",\n \"CVE-2008-5300\"\n );\n\n script_name(english:\"Oracle Linux 5 : Oracle / Enterprise / Linux / 5.3 / kernel (ELSA-2009-0225)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2009-0225 advisory.\n\n - The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes\n indirect recursive calls to itself through calls to the fput function, which allows local users to cause a\n denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain\n socket and closing file descriptors. (CVE-2008-5029)\n\n - net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a\n denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then\n reading a /proc/net/atm/*vc file, related to corruption of the vcc table. (CVE-2008-5079)\n\n - The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges\n via unknown vectors related to race conditions in inotify watch removal and umount. (CVE-2008-5182)\n\n - Linux kernel 2.6.28 allows local users to cause a denial of service (soft lockup and process loss) via a\n large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and\n triggers an OOM condition, a different vulnerability than CVE-2008-5029. (CVE-2008-5300)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2009-0225.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-5182\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2008-5300\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ocfs2-2.6.18-128.el5xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oracleasm-2.6.18-128.el5xen\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 5', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.18-128.el5'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2009-0225');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-headers-2.6.18-128.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.18'},\n {'reference':'kernel-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.18'},\n {'reference':'kernel-PAE-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-PAE-2.6.18'},\n {'reference':'kernel-PAE-devel-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-PAE-devel-2.6.18'},\n {'reference':'kernel-debug-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.18'},\n {'reference':'kernel-debug-devel-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.18'},\n {'reference':'kernel-devel-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.18'},\n {'reference':'kernel-xen-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-xen-2.6.18'},\n {'reference':'kernel-xen-devel-2.6.18-128.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-xen-devel-2.6.18'},\n {'reference':'ocfs2-2.6.18-128.el5-1.2.9-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocfs2-2.6.18-128.el5PAE-1.2.9-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocfs2-2.6.18-128.el5debug-1.2.9-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocfs2-2.6.18-128.el5xen-1.2.9-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5-2.0.5-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5PAE-2.0.5-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5debug-2.0.5-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5xen-2.0.5-1.el5', 'cpu':'i686', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.18'},\n {'reference':'kernel-debug-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.18'},\n {'reference':'kernel-debug-devel-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.18'},\n {'reference':'kernel-devel-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.18'},\n {'reference':'kernel-headers-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.18'},\n {'reference':'kernel-xen-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-xen-2.6.18'},\n {'reference':'kernel-xen-devel-2.6.18-128.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-xen-devel-2.6.18'},\n {'reference':'ocfs2-2.6.18-128.el5-1.2.9-1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocfs2-2.6.18-128.el5debug-1.2.9-1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocfs2-2.6.18-128.el5xen-1.2.9-1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5-2.0.5-1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5debug-2.0.5-1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oracleasm-2.6.18-128.el5xen-2.0.5-1.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-PAE / kernel-PAE-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:31", "description": "Updated kernel packages that fix three security issues, address several hundred bugs and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the third regular update.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe Linux kernel (the core of the Linux operating system)\n\nThese updated packages contain 730 bug fixes and enhancements for the Linux kernel. Space precludes a detailed description of each of these changes in this advisory and users are therefore directed to the release notes for Red Hat Enterprise Linux 5.3 for information on 97 of the most significant of these changes.\n\nDetails of three security-related bug fixes are set out below, along with notes on other broad categories of change not covered in the release notes. For more detailed information on specific bug fixes or enhancements, please consult the Bugzilla numbers listed in this advisory.\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same socket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch removal and umount implementation. This could allow a local, unprivileged user to cause a privilege escalation or a denial of service. (CVE-2008-5182, Important)\n\n* Bug fixes and enhancements are provided for :\n\n* support for specific NICs, including products from the following manufacturers: Broadcom Chelsio Cisco Intel Marvell NetXen Realtek Sun\n\n* Fiber Channel support, including support for Qlogic qla2xxx, qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.\n\n* support for various CPUs, including: AMD Opteron processors with 45 nm SOI ('Shanghai') AMD Turion Ultra processors Cell processors Intel Core i7 processors\n\n* Xen support, including issues specific to the IA64 platform, systems using AMD processors, and Dell Optiplex GX280 systems\n\n* ext3, ext4, GFS2, NFS, and SPUFS\n\n* Infiniband (including eHCA, eHEA, and IPoIB) support\n\n* common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support\n\n* the kernel distributed lock manager (DLM)\n\n* hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial connections, tape-drives, and USB\n\n* ACPI, some of a general nature and some related to specific hardware including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and certain machines based on Intel Centrino processor technology.\n\n* CIFS, including Kerberos support and a tech-preview of DFS support\n\n* networking support, including IPv6, PPPoE, and IPSec\n\n* support for Intel chipsets, including: Intel Cantiga chipsets Intel Eagle Lake chipsets Intel i915 chipsets Intel i965 chipsets Intel Ibex Peak chipsets Intel chipsets offering QuickPath Interconnects (QPI)\n\n* device mapping issues, including some in device mapper itself\n\n* various issues specific to IA64 and PPC\n\n* CCISS, including support for Compaq SMART Array controllers P711m and P712m and other new hardware\n\n* various issues affecting specific HP systems, including: DL785G5 XW4800 XW8600 XW8600 XW9400\n\n* IOMMU support, including specific issues with AMD and IBM Calgary hardware\n\n* the audit subsystem\n\n* DASD support\n\n* iSCSI support, including issues specific to Chelsio T3 adapters\n\n* LVM issues\n\n* SCTP management information base (MIB) support\n\n* issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace\n\n* IBM Power platforms using Enhanced I/O Error Handling (EEH)\n\n* EDAC issues for AMD K8 and Intel i5000\n\n* ALSA, including support for new hardware\n\n* futex support\n\n* hugepage support\n\n* Intelligent Platform Management Interface (IPMI) support\n\n* issues affecting NEC/Stratus servers\n\n* OFED support\n\n* SELinux\n\n* various Virtio issues\n\nAll users are advised to upgrade to these updated packages, which resolve these issues and add these enhancements.", "cvss3": {}, "published": "2009-01-21T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0225)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2009-0225.NASL", "href": "https://www.tenable.com/plugins/nessus/35434", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0225. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35434);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_bugtraq_id(32154, 32676, 33503);\n script_xref(name:\"RHSA\", value:\"2009:0225\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0225)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues, address\nseveral hundred bugs and add numerous enhancements are now available\nas part of the ongoing support and maintenance of Red Hat Enterprise\nLinux version 5. This is the third regular update.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Linux kernel (the core of the Linux operating system)\n\nThese updated packages contain 730 bug fixes and enhancements for the\nLinux kernel. Space precludes a detailed description of each of these\nchanges in this advisory and users are therefore directed to the\nrelease notes for Red Hat Enterprise Linux 5.3 for information on 97\nof the most significant of these changes.\n\nDetails of three security-related bug fixes are set out below, along\nwith notes on other broad categories of change not covered in the\nrelease notes. For more detailed information on specific bug fixes or\nenhancements, please consult the Bugzilla numbers listed in this\nadvisory.\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same\nsocket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch\nremoval and umount implementation. This could allow a local,\nunprivileged user to cause a privilege escalation or a denial of\nservice. (CVE-2008-5182, Important)\n\n* Bug fixes and enhancements are provided for :\n\n* support for specific NICs, including products from the following\nmanufacturers: Broadcom Chelsio Cisco Intel Marvell NetXen Realtek Sun\n\n* Fiber Channel support, including support for Qlogic qla2xxx,\nqla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.\n\n* support for various CPUs, including: AMD Opteron processors with 45\nnm SOI ('Shanghai') AMD Turion Ultra processors Cell processors Intel\nCore i7 processors\n\n* Xen support, including issues specific to the IA64 platform, systems\nusing AMD processors, and Dell Optiplex GX280 systems\n\n* ext3, ext4, GFS2, NFS, and SPUFS\n\n* Infiniband (including eHCA, eHEA, and IPoIB) support\n\n* common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio)\nsupport\n\n* the kernel distributed lock manager (DLM)\n\n* hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including\nissues specific to Adaptec controllers), SATA (including NCQ), PCI,\naudio, serial connections, tape-drives, and USB\n\n* ACPI, some of a general nature and some related to specific hardware\nincluding: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and\ncertain machines based on Intel Centrino processor technology.\n\n* CIFS, including Kerberos support and a tech-preview of DFS support\n\n* networking support, including IPv6, PPPoE, and IPSec\n\n* support for Intel chipsets, including: Intel Cantiga chipsets Intel\nEagle Lake chipsets Intel i915 chipsets Intel i965 chipsets Intel Ibex\nPeak chipsets Intel chipsets offering QuickPath Interconnects (QPI)\n\n* device mapping issues, including some in device mapper itself\n\n* various issues specific to IA64 and PPC\n\n* CCISS, including support for Compaq SMART Array controllers P711m\nand P712m and other new hardware\n\n* various issues affecting specific HP systems, including: DL785G5\nXW4800 XW8600 XW8600 XW9400\n\n* IOMMU support, including specific issues with AMD and IBM Calgary\nhardware\n\n* the audit subsystem\n\n* DASD support\n\n* iSCSI support, including issues specific to Chelsio T3 adapters\n\n* LVM issues\n\n* SCTP management information base (MIB) support\n\n* issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and\nutrace\n\n* IBM Power platforms using Enhanced I/O Error Handling (EEH)\n\n* EDAC issues for AMD K8 and Intel i5000\n\n* ALSA, including support for new hardware\n\n* futex support\n\n* hugepage support\n\n* Intelligent Platform Management Interface (IPMI) support\n\n* issues affecting NEC/Stratus servers\n\n* OFED support\n\n* SELinux\n\n* various Virtio issues\n\nAll users are advised to upgrade to these updated packages, which\nresolve these issues and add these enhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0225\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0225\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0225\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-128.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-128.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:34", "description": "Updated kernel packages that resolve several security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update includes backported fixes for four security issues. These issues only affected users of Red Hat Enterprise Linux 5.2 Extended Update Support as they have already been addressed for users of Red Hat Enterprise Linux 5 in the 5.3 update, RHSA-2009:0225.\n\nIn accordance with the support policy, future security updates to Red Hat Enterprise Linux 5.2 Extended Update Support will only include issues of critical security impact.\n\n* when fput() was called to close a socket, the __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service. (CVE-2008-5300, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same socket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch removal and umount implementation. This could allow a local, unprivileged user to cause a privilege escalation or a denial of service. (CVE-2008-5182, Important)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. Note: for this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2009-0021.NASL", "href": "https://www.tenable.com/plugins/nessus/63871", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0021. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63871);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_xref(name:\"RHSA\", value:\"2009:0021\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0021)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues are now\navailable for Red Hat Enterprise Linux 5.2 Extended Update Support.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update includes backported fixes for four security issues. These\nissues only affected users of Red Hat Enterprise Linux 5.2 Extended\nUpdate Support as they have already been addressed for users of Red\nHat Enterprise Linux 5 in the 5.3 update, RHSA-2009:0225.\n\nIn accordance with the support policy, future security updates to Red\nHat Enterprise Linux 5.2 Extended Update Support will only include\nissues of critical security impact.\n\n* when fput() was called to close a socket, the __scm_destroy()\nfunction in the Linux kernel could make indirect recursive calls to\nitself. This could, potentially, lead to a denial of service issue.\n(CVE-2008-5029, Important)\n\n* the sendmsg() function in the Linux kernel did not block during UNIX\nsocket garbage collection. This could, potentially, lead to a local\ndenial of service. (CVE-2008-5300, Important)\n\n* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem.\nA local, unprivileged user could use the flaw to listen on the same\nsocket more than once, possibly causing a denial of service.\n(CVE-2008-5079, Important)\n\n* a race condition was found in the Linux kernel 'inotify' watch\nremoval and umount implementation. This could allow a local,\nunprivileged user to cause a privilege escalation or a denial of\nservice. (CVE-2008-5182, Important)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. Note: for this update to\ntake effect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5079.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5182.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2008-5300.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-0021.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", reference:\"kernel-doc-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.24.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.24.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:07", "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled correctly. A local attacker could exploit this to crash the system, leading do a denial of service. This did not affect official Ubuntu kernels, but was fixed in the source for anyone performing HPPA kernel builds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 8.10 : linux vulnerabilities (USN-715-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5702"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-715-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36279", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-715-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36279);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n script_bugtraq_id(32676, 33503);\n script_xref(name:\"USN\", value:\"715-1\");\n\n script_name(english:\"Ubuntu 8.10 : linux vulnerabilities (USN-715-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a\ndenial of service. (CVE-2008-5300)\n\nHelge Deller discovered that PA-RISC stack unwinding was not handled\ncorrectly. A local attacker could exploit this to crash the system,\nleading do a denial of service. This did not affect official Ubuntu\nkernels, but was fixed in the source for anyone performing HPPA kernel\nbuilds. (CVE-2008-5395)\n\nIt was discovered that the ATA subsystem did not correctly set\ntimeouts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly\ncheck buffer sizes. A local attacker could send a specially crafted\nioctl to the device to cause a system crash, leading to a denial of\nservice. (CVE-2008-5702).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/715-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5702\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-715-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-generic\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-server\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-generic\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-server\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-virtual\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-11.27\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-11.27\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.27 / linux-headers-2.6 / linux-headers-2.6-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:14:15", "description": "Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affected.\n(CVE-2008-5713).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux-source-2.6.15/22, linux vulnerabilities (USN-714-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5700", "CVE-2008-5702", "CVE-2008-5713"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-714-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-714-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36454);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2008-5713\");\n script_bugtraq_id(32676);\n script_xref(name:\"USN\", value:\"714-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.10 / 8.04 LTS : linux-source-2.6.15/22, linux vulnerabilities (USN-714-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hugo Dias discovered that the ATM subsystem did not correctly manage\nsocket counts. A local attacker could exploit this to cause a system\nhang, leading to a denial of service. (CVE-2008-5079)\n\nIt was discovered that the libertas wireless driver did not correctly\nhandle beacon and probe responses. A physically near-by attacker could\ngenerate specially crafted wireless network traffic and cause a denial\nof service. Ubuntu 6.06 was not affected. (CVE-2008-5134)\n\nIt was discovered that the inotify subsystem contained watch removal\nrace conditions. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2008-5182)\n\nDann Frazier discovered that in certain situations sendmsg did not\ncorrectly release allocated memory. A local attacker could exploit\nthis to force the system to run out of free memory, leading to a\ndenial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)\n\nIt was discovered that the ATA subsystem did not correctly set\ntimeouts. A local attacker could exploit this to cause a system hang,\nleading to a denial of service. (CVE-2008-5700)\n\nIt was discovered that the ib700 watchdog timer did not correctly\ncheck buffer sizes. A local attacker could send a specially crafted\nioctl to the device to cause a system crash, leading to a denial of\nservice. (CVE-2008-5702)\n\nIt was discovered that in certain situations the network scheduler did\nnot correctly handle very large levels of traffic. A local attacker\ncould produce a high volume of UDP traffic resulting in a system hang,\nleading to a denial of service. Ubuntu 8.04 was not affected.\n(CVE-2008-5713).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/714-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5079\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-5700\", \"CVE-2008-5702\", \"CVE-2008-5713\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-714-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-386\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-686\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-53-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-386\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-686\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-generic\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-k8\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-amd64-xeon\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-53-server\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-53.75\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.61\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-openvz\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-rt\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-xen\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpia\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpiacompat\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-openvz\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-rt\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-xen\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-386\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-generic\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-server\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-virtual\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-23.48\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-23.48\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.22 / linux-doc-2.6.24 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:15:38", "description": "Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also includes three critical fixes scheduled for 2.6.27.10 Update applesmc driver to latest upstream version. (Adds module autoloading.) Update ALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for details.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in 2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Fedora 10 : kernel-2.6.27.9-159.fc10 (2008-11593)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2008-11593.NASL", "href": "https://www.tenable.com/plugins/nessus/37568", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11593.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37568);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_xref(name:\"FEDORA\", value:\"2008-11593\");\n\n script_name(english:\"Fedora 10 : kernel-2.6.27.9-159.fc10 (2008-11593)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also\nincludes three critical fixes scheduled for 2.6.27.10 Update applesmc\ndriver to latest upstream version. (Adds module autoloading.) Update\nALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for\ndetails.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in\n2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f8e56b1\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7612a49a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473696\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/018236.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?83188a85\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kernel-2.6.27.9-159.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:17", "description": "CVE-2008-5029 kernel: Unix sockets kernel panic\n\nCVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector\n\nCVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL) check\n\nCVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service\n\nCVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID\n\nCVE-2009-2848 kernel: execve: must clear current->clear_child_tid\n\nCVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks 520300 - kernel: ipv4: make ip_append_data() handle NULL routing table [rhel-3]\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make indirect recursive calls to itself. This could,potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - the sendmsg() function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important)\n\n - the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature.\n (CVE-2009-1895, Important)\n\n - it was discovered that, when executing a new process, the clear_child_tid pointer in the Linux kernel is not cleared. If this pointer points to a writable portion of the memory of the new program, the kernel could corrupt four bytes of memory, possibly leading to a local denial of service or privilege escalation. (CVE-2009-2848, Important)\n\n - missing initialization flaws were found in getname() implementations in the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE protocol implementations in the Linux kernel. Certain data structures in these getname() implementations were not initialized properly before being copied to user-space.\n These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n - a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n - this update adds the mmap_min_addr tunable and restriction checks to help prevent unprivileged users from creating new memory mappings below the minimum address. This can help prevent the exploitation of NULL pointer dereference bugs. Note that mmap_min_addr is set to zero (disabled) by default for backwards compatibility. (BZ#512642)\n\n - a bridge reference count problem in IPv6 has been fixed.\n (BZ#457010)\n\n - enforce null-termination of user-supplied arguments to setsockopt(). (BZ#505514)\n\n - the gcc flag '-fno-delete-null-pointer-checks' was added to the kernel build options. This prevents gcc from optimizing out NULL pointer checks after the first use of a pointer. NULL pointer bugs are often exploited by attackers. Keeping these checks is a safety measure.\n (BZ#511185)\n\n - a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future bugs in functions that call ip_append_data() from being exploitable. (BZ#520300)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL3.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2848", "CVE-2009-3001", "CVE-2009-3002", "CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091103_KERNEL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60688);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3547\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2008-5029 kernel: Unix sockets kernel panic\n\nCVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket\ngarbage collector\n\nCVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL)\ncheck\n\nCVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service\n\nCVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID\n\nCVE-2009-2848 kernel: execve: must clear current->clear_child_tid\n\nCVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks\n520300 - kernel: ipv4: make ip_append_data() handle NULL routing table\n[rhel-3]\n\nCVE-2009-3547 kernel: fs: pipe.c NULL pointer dereference\n\nSecurity fixes :\n\n - when fput() was called to close a socket, the\n __scm_destroy() function in the Linux kernel could make\n indirect recursive calls to itself. This\n could,potentially, lead to a denial of service issue.\n (CVE-2008-5029, Important)\n\n - the sendmsg() function in the Linux kernel did not block\n during UNIX socket garbage collection. This could,\n potentially, lead to a local denial of service.\n (CVE-2008-5300, Important)\n\n - the exit_notify() function in the Linux kernel did not\n properly reset the exit signal if a process executed a\n set user ID (setuid) application before exiting. This\n could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the Intel PRO/1000 network driver in\n the Linux kernel. Frames with sizes near the MTU of an\n interface may be split across multiple hardware receive\n descriptors. Receipt of such a frame could leak through\n a validation check, leading to a corruption of the\n length check. A remote attacker could use this flaw to\n send a specially crafted packet that would cause a\n denial of service or code execution. (CVE-2009-1385,\n Important)\n\n - the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not\n cleared when a setuid or setgid program was executed. A\n local, unprivileged user could use this flaw to bypass\n the mmap_min_addr protection mechanism and perform a\n NULL pointer dereference attack, or bypass the Address\n Space Layout Randomization (ASLR) security feature.\n (CVE-2009-1895, Important)\n\n - it was discovered that, when executing a new process,\n the clear_child_tid pointer in the Linux kernel is not\n cleared. If this pointer points to a writable portion of\n the memory of the new program, the kernel could corrupt\n four bytes of memory, possibly leading to a local denial\n of service or privilege escalation. (CVE-2009-2848,\n Important)\n\n - missing initialization flaws were found in getname()\n implementations in the IrDA sockets, AppleTalk DDP\n protocol, NET/ROM protocol, and ROSE protocol\n implementations in the Linux kernel. Certain data\n structures in these getname() implementations were not\n initialized properly before being copied to user-space.\n These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n - a NULL pointer dereference flaw was found in each of the\n following functions in the Linux kernel:\n pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the\n i_pipe pointer could be released by other processes\n before it is used to update the pipe's reader and writer\n counters. This could lead to a local denial of service\n or privilege escalation. (CVE-2009-3547, Important)\n\nBug fixes :\n\n - this update adds the mmap_min_addr tunable and\n restriction checks to help prevent unprivileged users\n from creating new memory mappings below the minimum\n address. This can help prevent the exploitation of NULL\n pointer dereference bugs. Note that mmap_min_addr is set\n to zero (disabled) by default for backwards\n compatibility. (BZ#512642)\n\n - a bridge reference count problem in IPv6 has been fixed.\n (BZ#457010)\n\n - enforce null-termination of user-supplied arguments to\n setsockopt(). (BZ#505514)\n\n - the gcc flag '-fno-delete-null-pointer-checks' was added\n to the kernel build options. This prevents gcc from\n optimizing out NULL pointer checks after the first use\n of a pointer. NULL pointer bugs are often exploited by\n attackers. Keeping these checks is a safety measure.\n (BZ#511185)\n\n - a check has been added to the IPv4 code to make sure\n that rt is not NULL, to help prevent future bugs in\n functions that call ip_append_data() from being\n exploitable. (BZ#520300)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=457010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=505514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=511185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=512642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=520300\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0911&L=scientific-linux-errata&T=0&P=599\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f8d1106\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"kernel-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-doc-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-unsupported-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-source-2.4.21-63.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-unsupported-2.4.21-63.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:03", "description": "Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also includes three critical fixes scheduled for 2.6.27.10 Update applesmc driver to latest upstream version. (Adds module autoloading.) Update ALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for details.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in 2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-12-26T00:00:00", "type": "nessus", "title": "Fedora 9 : kernel-2.6.27.9-73.fc9 (2008-11618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-11618.NASL", "href": "https://www.tenable.com/plugins/nessus/35264", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-11618.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35264);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_bugtraq_id(32676);\n script_xref(name:\"FEDORA\", value:\"2008-11618\");\n\n script_name(english:\"Fedora 9 : kernel-2.6.27.9-73.fc9 (2008-11618)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update kernel from version 2.6.27.7 to 2.6.27.9:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9 Also\nincludes three critical fixes scheduled for 2.6.27.10 Update applesmc\ndriver to latest upstream version. (Adds module autoloading.) Update\nALSA audio drivers to version 1.0.18a. (See www.alsa-project.org for\ndetails.) Security fixes: CVE-2008-5079 in 2.6.27.9 CVE-2008-5182 in\n2.6.27.8 CVE-2008-5300 in 2.6.27.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.8\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f8e56b1\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7612a49a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=473696\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-December/018268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4addf118\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"kernel-2.6.27.9-73.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:48:38", "description": "a. Service Console update for COS kernel\n\n The service console package kernel is updated to version 2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, and CVE-2009-3547 to the security issues fixed in kernel-2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2698, CVE-2009-2692 to the security issues fixed in kernel-2.4.21-60.", "cvss3": {}, "published": "2010-06-28T00:00:00", "type": "nessus", "title": "VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5029", "CVE-2008-5300", "CVE-2009-1337", "CVE-2009-1385", "CVE-2009-1895", "CVE-2009-2692", "CVE-2009-2698", "CVE-2009-2848", "CVE-2009-3002", "CVE-2009-3547"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:3.5"], "id": "VMWARE_VMSA-2010-0010.NASL", "href": "https://www.tenable.com/plugins/nessus/47150", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2010-0010. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47150);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2692\", \"CVE-2009-2698\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\");\n script_bugtraq_id(32154, 34405, 35185, 35647, 35930, 36038, 36108, 36176, 36901);\n script_xref(name:\"VMSA\", value:\"2010-0010\");\n\n script_name(english:\"VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernel\");\n script_summary(english:\"Checks esxupdate output for the patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote VMware ESX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"a. Service Console update for COS kernel\n\n The service console package kernel is updated to version 2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-5029, CVE-2008-5300, CVE-2009-1337,\n CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-3002, and\n CVE-2009-3547 to the security issues fixed in kernel-2.4.21-63.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-2698, CVE-2009-2692 to the security\n issues fixed in kernel-2.4.21-60.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2010/000098.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel Sendpage Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(16, 119, 189, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2010-06-24\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 3.5.0\", patch:\"ESX350-201006401-SG\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:17:25", "description": "The openSUSE 11.0 kernel was updated to 2.6.25.16.\n\nIt fixes various stability bugs and also security bugs.\n\nCVE-2008-1673: Fixed the range checking in the ASN.1 decoder in NAT for SNMP and CIFS, which could have been used by a remote attacker to crash the machine.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim's machine remotely.\n\nCVE-2008-3272: The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.\n\nCVE-2008-3275: The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ('overflow' of the UBIFS orphan area) via a series of attempted file creations within deleted directories.\n\nAlso lots of bugs were fixed.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-171)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1673", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3276"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-080822.NASL", "href": "https://www.tenable.com/plugins/nessus/40009", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-171.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40009);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3276\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-171)\");\n script_summary(english:\"Check for the kernel-171 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 11.0 kernel was updated to 2.6.25.16.\n\nIt fixes various stability bugs and also security bugs.\n\nCVE-2008-1673: Fixed the range checking in the ASN.1 decoder in NAT\nfor SNMP and CIFS, which could have been used by a remote attacker to\ncrash the machine.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel\ndccp_setsockopt_change() function. An attacker may leverage this\nvulnerability to trigger a kernel panic on a victim's machine\nremotely.\n\nCVE-2008-3272: The snd_seq_oss_synth_make_info function in\nsound/core/seq/oss/seq_oss_synth.c in the sound subsystem does not\nverify that the device number is within the range defined by\nmax_synthdev before returning certain data to the caller, which allows\nlocal users to obtain sensitive information.\n\nCVE-2008-3275: The (1) real_lookup and (2) __lookup_hash functions in\nfs/namei.c in the vfs implementation do not prevent creation of a\nchild dentry for a deleted (aka S_DEAD) directory, which allows local\nusers to cause a denial of service ('overflow' of the UBIFS orphan\narea) via a series of attempted file creations within deleted\ndirectories.\n\nAlso lots of bugs were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=216857\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=374099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=394667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=400815\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=400874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=404892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=406637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=407689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=412823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=417505\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.16-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:32", "description": "This kernel security update fixes lots of bugs and some", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5605)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5605.NASL", "href": "https://www.tenable.com/plugins/nessus/59130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59130);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5605)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"This kernel security update fixes lots of bugs and some\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5605.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.30\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:53", "description": "This kernel security update fixes lots of bugs and some", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5565.NASL", "href": "https://www.tenable.com/plugins/nessus/41534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41534);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5565)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"This kernel security update fixes lots of bugs and some\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5565.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.29\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:23:08", "description": "From Red Hat Security Advisory 2008:0885 :\n\nUpdated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n* the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2008-0885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-0885.NASL", "href": "https://www.tenable.com/plugins/nessus/67747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0885 and \n# Oracle Linux Security Advisory ELSA-2008-0885 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67747);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30647, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0885\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-0885)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0885 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel\ndo_change_type routine. This could allow a local unprivileged user to\ngain privileged access or cause a denial of service. (CVE-2008-2931,\nImportant)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This\ncould allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This\ncould allow a local unprivileged user to read sensitive information\nfrom the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was\nreceived in to a new, smaller skb, all fields in the new skb were not\ninitialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array,\ncausing memory corruption on certain systems, resulting in hypervisor\ncrashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after\n24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from\nunder the SGI Altix XPMEM driver, causing silent data corruption in\nthe kernel.\n\n* the ixgbe driver is untested, but support was advertised for the\nIntel 82598 network card. If this card was present when the ixgbe\ndriver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs\nsimultaneously fell into an error state, an overrun may have occurred,\nstopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an\ninterface to the forwarding state was delayed by one or possibly two\ntimers, depending on whether STP was enabled. This may have caused\nlong delays in moving an interface to the forwarding state. This issue\ncaused packet loss when migrating virtual machines, preventing them\nfrom being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in\nreverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data\nfiles via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have\ncaused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were\nlogged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer\ndereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows\nguests may have caused Dom0 to crash, due to the\n'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on\nHVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when\ndevices were removed or changed while being iterated through. Correct\nlocking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the\nIntel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter\nbefore checking it was valid. This may have caused a kernel panic when\nexiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-September/000742.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0885\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T14:35:10", "description": "Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n* the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2008:0885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0885.NASL", "href": "https://www.tenable.com/plugins/nessus/43710", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0885 and \n# CentOS Errata and Security Advisory 2008:0885 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43710);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30647, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0885\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:0885)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel\ndo_change_type routine. This could allow a local unprivileged user to\ngain privileged access or cause a denial of service. (CVE-2008-2931,\nImportant)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This\ncould allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This\ncould allow a local unprivileged user to read sensitive information\nfrom the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was\nreceived in to a new, smaller skb, all fields in the new skb were not\ninitialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array,\ncausing memory corruption on certain systems, resulting in hypervisor\ncrashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after\n24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from\nunder the SGI Altix XPMEM driver, causing silent data corruption in\nthe kernel.\n\n* the ixgbe driver is untested, but support was advertised for the\nIntel 82598 network card. If this card was present when the ixgbe\ndriver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs\nsimultaneously fell into an error state, an overrun may have occurred,\nstopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an\ninterface to the forwarding state was delayed by one or possibly two\ntimers, depending on whether STP was enabled. This may have caused\nlong delays in moving an interface to the forwarding state. This issue\ncaused packet loss when migrating virtual machines, preventing them\nfrom being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in\nreverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data\nfiles via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have\ncaused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were\nlogged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer\ndereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows\nguests may have caused Dom0 to crash, due to the\n'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on\nHVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when\ndevices were removed or changed while being iterated through. Correct\nlocking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the\nIntel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter\nbefore checking it was valid. This may have caused a kernel panic when\nexiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-September/015273.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d39467ab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-September/015274.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?979197fc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:46", "description": "It was discovered that there were multiple NULL pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. (CVE-2008-2812)\n\nThe do_change_type routine did not correctly validation administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. (CVE-2008-2931)\n\nTobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. (CVE-2008-3272)\n\nZoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. (CVE-2008-3275)\n\nIn certain situations, the fix for CVE-2008-0598 from USN-623-1 was causing infinite loops in the writev syscall. This update corrects the mistake. We apologize for the inconvenience.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-08-26T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-637-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.20", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.20", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-637-1.NASL", "href": "https://www.tenable.com/plugins/nessus/34048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-637-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34048);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(30076, 30126, 30559, 30647);\n script_xref(name:\"USN\", value:\"637-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-637-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there were multiple NULL pointer function\ndereferences in the Linux kernel terminal handling code. A local\nattacker could exploit this to execute arbitrary code as root, or\ncrash the system, leading to a denial of service. (CVE-2008-2812)\n\nThe do_change_type routine did not correctly validation administrative\nusers. A local attacker could exploit this to block mount points or\ncause private mounts to be shared, leading to denial of service or a\npossible loss of privacy. (CVE-2008-2931)\n\nTobias Klein discovered that the OSS interface through ALSA did not\ncorrectly validate the device number. A local attacker could exploit\nthis to access sensitive kernel memory, leading to a denial of service\nor a loss of privacy. (CVE-2008-3272)\n\nZoltan Sogor discovered that new directory entries could be added to\nalready deleted directories. A local attacker could exploit this,\nfilling up available memory and disk space, leading to a denial of\nservice. (CVE-2008-3275)\n\nIn certain situations, the fix for CVE-2008-0598 from USN-623-1 was\ncausing infinite loops in the writev syscall. This update corrects the\nmistake. We apologize for the inconvenience.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/637-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2021 Canonical, Inc. / NASL script (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-0598\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-637-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-386\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-686\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-generic\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-k8\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-xeon\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-386\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-686\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-generic\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-k8\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-xeon\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-doc-2.6.20\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-386\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-generic\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-lowlatency\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-server\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-386\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-generic\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-lowlatency\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-server\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-386\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-generic\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-lowlatency\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-server\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-source-2.6.20\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-386\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-generic\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-rt\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-server\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-ume\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-virtual\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-xen\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-386\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-cell\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-generic\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-lpia\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-lpiacompat\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-rt\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-server\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-ume\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-virtual\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-xen\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-386\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-generic\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-server\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-virtual\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-386\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-generic\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-openvz\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-rt\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-server\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-virtual\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-xen\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-386\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-generic\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-lpia\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-lpiacompat\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-openvz\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-rt\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-server\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-virtual\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-xen\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-386\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-generic\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-server\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-virtual\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-19.41\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.20 / linux-doc-2.6.22 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T14:51:48", "description": "Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n* the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-09-25T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2008:0885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0885.NASL", "href": "https://www.tenable.com/plugins/nessus/34288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0885. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34288);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30647, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0885\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:0885)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel\ndo_change_type routine. This could allow a local unprivileged user to\ngain privileged access or cause a denial of service. (CVE-2008-2931,\nImportant)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This\ncould allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This\ncould allow a local unprivileged user to read sensitive information\nfrom the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was\nreceived in to a new, smaller skb, all fields in the new skb were not\ninitialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array,\ncausing memory corruption on certain systems, resulting in hypervisor\ncrashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after\n24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from\nunder the SGI Altix XPMEM driver, causing silent data corruption in\nthe kernel.\n\n* the ixgbe driver is untested, but support was advertised for the\nIntel 82598 network card. If this card was present when the ixgbe\ndriver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs\nsimultaneously fell into an error state, an overrun may have occurred,\nstopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an\ninterface to the forwarding state was delayed by one or possibly two\ntimers, depending on whether STP was enabled. This may have caused\nlong delays in moving an interface to the forwarding state. This issue\ncaused packet loss when migrating virtual machines, preventing them\nfrom being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in\nreverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data\nfiles via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have\ncaused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were\nlogged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer\ndereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows\nguests may have caused Dom0 to crash, due to the\n'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on\nHVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when\ndevices were removed or changed while being iterated through. Correct\nlocking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the\nIntel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter\nbefore checking it was valid. This may have caused a kernel panic when\nexiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0885\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0885\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0885\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:05:32", "description": "Security fixes :\n\n - a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n - a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2007-6716, Important)\n\n - Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak.\n (CVE-2008-3272, Moderate)\n\n - a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n - a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel.\n (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n - when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n - previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n - a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n - under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n - the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n - on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n - with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n - on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n - process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n - on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow. Errors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n - unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n - on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n - when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n - break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n - on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080924_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60477", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60477);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes :\n\n - a missing capability check was found in the Linux kernel\n do_change_type routine. This could allow a local\n unprivileged user to gain privileged access or cause a\n denial of service. (CVE-2008-2931, Important)\n\n - a flaw was found in the Linux kernel Direct-IO\n implementation. This could allow a local unprivileged\n user to cause a denial of service. (CVE-2007-6716,\n Important)\n\n - Tobias Klein reported a missing check in the Linux\n kernel Open Sound System (OSS) implementation. This\n deficiency could lead to a possible information leak.\n (CVE-2008-3272, Moderate)\n\n - a deficiency was found in the Linux kernel virtual\n filesystem (VFS) implementation. This could allow a\n local unprivileged user to attempt file creation within\n deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\n - a flaw was found in the Linux kernel tmpfs\n implementation. This could allow a local unprivileged\n user to read sensitive information from the kernel.\n (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n - when copying a small IPoIB packet from the original skb\n it was received in to a new, smaller skb, all fields in\n the new skb were not initialized. This may have caused a\n kernel oops.\n\n - previously, data may have been written beyond the end of\n an array, causing memory corruption on certain systems,\n resulting in hypervisor crashes during context\n switching.\n\n - a kernel crash may have occurred on heavily-used Samba\n servers after 24 to 48 hours of use.\n\n - under heavy memory pressure, pages may have been swapped\n out from under the SGI Altix XPMEM driver, causing\n silent data corruption in the kernel.\n\n - the ixgbe driver is untested, but support was advertised\n for the Intel 82598 network card. If this card was\n present when the ixgbe driver was loaded, a NULL pointer\n dereference and a panic occurred.\n\n - on certain systems, if multiple InfiniBand queue pairs\n simultaneously fell into an error state, an overrun may\n have occurred, stopping traffic.\n\n - with bridging, when forward delay was set to zero,\n setting an interface to the forwarding state was delayed\n by one or possibly two timers, depending on whether STP\n was enabled. This may have caused long delays in moving\n an interface to the forwarding state. This issue caused\n packet loss when migrating virtual machines, preventing\n them from being migrated without interrupting\n applications.\n\n - on certain multinode systems, IPMI device nodes were\n created in reverse order of where they physically\n resided.\n\n - process hangs may have occurred while accessing\n application data files via asynchronous direct I/O\n system calls.\n\n - on systems with heavy lock traffic, a possible deadlock\n may have caused anything requiring locks over NFS to\n stop, or be very slow. Errors such as 'lockd: server\n [IP] not responding, timed out' were logged on client\n systems.\n\n - unexpected removals of USB devices may have caused a\n NULL pointer dereference in kobject_get_path.\n\n - on Itanium-based systems, repeatedly creating and\n destroying Windows guests may have caused Dom0 to crash,\n due to the 'XENMEM_add_to_physmap' hypercall, used by\n para-virtualized drivers on HVM, being SMP-unsafe.\n\n - when using an MD software RAID, crashes may have\n occurred when devices were removed or changed while\n being iterated through. Correct locking is now used.\n\n - break requests had no effect when using 'Serial Over\n Lan' with the Intel 82571 network card. This issue may\n have caused log in problems.\n\n - on Itanium-based systems, module_free() referred the\n first parameter before checking it was valid. This may\n have caused a kernel panic when exiting SystemTap.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0809&L=scientific-linux-errata&T=0&P=805\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92d7044b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-16T15:07:53", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - CVE-2008-2931: missing check before setting mount propagation\n\n - CVE-2007-6716: dio: use kzalloc to zero out struct dio\n\n - CVE-2008-3272: snd_seq_oss_synth_make_info leak\n\n - CVE-2008-3275: vfs: fix lookup on deleted directory\n\n - CVE-2007-6417: tmpfs: restore missing clear_highpage", "cvss3": {}, "published": "2014-11-26T00:00:00", "type": "nessus", "title": "OracleVM 2.1 : kernel (OVMSA-2008-2006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-boot", "p-cpe:/a:oracle:vm:kernel-boot-devel", "p-cpe:/a:oracle:vm:kernel-kdump", "p-cpe:/a:oracle:vm:kernel-kdump-devel", "p-cpe:/a:oracle:vm:kernel-ovs", "p-cpe:/a:oracle:vm:kernel-ovs-devel", "cpe:/o:oracle:vm_server:2.1"], "id": "ORACLEVM_OVMSA-2008-2006.NASL", "href": "https://www.tenable.com/plugins/nessus/79448", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2008-2006.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79448);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30126, 30559, 30647, 31515);\n\n script_name(english:\"OracleVM 2.1 : kernel (OVMSA-2008-2006)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - CVE-2008-2931: missing check before setting mount\n propagation\n\n - CVE-2007-6716: dio: use kzalloc to zero out struct dio\n\n - CVE-2008-3272: snd_seq_oss_synth_make_info leak\n\n - CVE-2008-3275: vfs: fix lookup on deleted directory\n\n - CVE-2007-6417: tmpfs: restore missing clear_highpage\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2008-September/000004.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b54f55b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.1\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.1\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-devel-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-devel-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-devel-2.6.18-8.1.15.1.20.el5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-BOOT / kernel-BOOT-devel / kernel-kdump / kernel-kdump-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:25:43", "description": "From Red Hat Security Advisory 2008:0973 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : kernel (ELSA-2008-0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-boot", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-unsupported", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-unsupported", "p-cpe:/a:oracle:linux:kernel-source", "p-cpe:/a:oracle:linux:kernel-unsupported", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/67763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0973 and \n# Oracle Linux Security Advisory ELSA-2008-0973 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67763);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"Oracle Linux 3 : kernel (ELSA-2008-0973)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0973 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Li

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

Description

Related