SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)

2009-11-16T00:00:00

Description

This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel. The following security bugs were fixed : - A race condition in the pipe(2) systemcall could be used by local attackers to execute code. (CVE-2009-3547) - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910) - The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192) - Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. (CVE-2009-2909) - The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. (CVE-2009-2848) - Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker. (CVE-2009-3002) - Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633) - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726)

{"id": "SUSE9_12541.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)", "description": "This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel.\n\nThe following security bugs were fixed :\n\n - A race condition in the pipe(2) systemcall could be used by local attackers to execute code. (CVE-2009-3547)\n\n - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\n - Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. (CVE-2009-2909)\n\n - The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. (CVE-2009-2848)\n\n - Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker.\n (CVE-2009-3002)\n\n - Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726)", "published": "2009-11-16T00:00:00", "modified": "2021-01-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/42812", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848", "http://support.novell.com/security/cve/CVE-2009-1633.html", "http://support.novell.com/security/cve/CVE-2009-2909.html", "http://support.novell.com/security/cve/CVE-2009-1192.html", "http://support.novell.com/security/cve/CVE-2009-3002.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2909", "http://support.novell.com/security/cve/CVE-2009-3547.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3002", "http://support.novell.com/security/cve/CVE-2009-2848.html", "http://support.novell.com/security/cve/CVE-2009-2910.html", "http://support.novell.com/security/cve/CVE-2009-3726.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2910", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1633"], "cvelist": ["CVE-2009-1192", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3547", "CVE-2009-3726"], "immutableFields": [], "lastseen": "2023-05-18T14:27:37", "viewCount": 27, "enchantments": {"dependencies": {"references": [{"type": "canvas", "idList": ["FS_PIPE_RACE_TO_NULL"]}, {"type": "centos", "idList": ["CESA-2009:1106", "CESA-2009:1243", "CESA-2009:1438", "CESA-2009:1541", "CESA-2009:1548", "CESA-2009:1550", "CESA-2009:1670", "CESA-2009:1671", "CESA-2010:0046", "CESA-2010:0474"]}, {"type": "cve", "idList": ["CVE-2009-1192", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3547", "CVE-2009-3726"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1787-1:1654D", "DEBIAN:DSA-1794-1:CF19C", "DEBIAN:DSA-1800-1:C8938", "DEBIAN:DSA-1809-1:64C07", "DEBIAN:DSA-1844-1:B4D67", "DEBIAN:DSA-1865-1:34CE7", "DEBIAN:DSA-1872-1:3575F", "DEBIAN:DSA-1915-1:E4B61", "DEBIAN:DSA-1927-1:8E712", "DEBIAN:DSA-1928-1:AD816", "DEBIAN:DSA-1929-1:8AEEF", "DEBIAN:DSA-2003-1:E3418", "DEBIAN:DSA-2004-1:2FC61"]}, {"type": "exploitdb", "idList": ["EDB-ID:40812"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:587E07B26CFC9328AECA2A6FF11BCAF8", "EXPLOITPACK:633DD86A8BF907210A30C73A725BB51D"]}, {"type": "fedora", "idList": ["FEDORA:2478710F7EA", "FEDORA:2BC4510F896", "FEDORA:2CF2010F7EA", "FEDORA:2DF3C10F88B", "FEDORA:41D6810F891", "FEDORA:52EFE10F85C", "FEDORA:5AA2F10FA12", "FEDORA:6D5F810F87F", "FEDORA:921C610F878", "FEDORA:B0F721107BF", "FEDORA:B3FC210F880", "FEDORA:C07E810F9BD", "FEDORA:C80E110F85F", "FEDORA:F394810F8A0"]}, {"type": "kitploit", "idList": ["KITPLOIT:5310354020898253604"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2009-1106.NASL", "CENTOS_RHSA-2009-1243.NASL", "CENTOS_RHSA-2009-1438.NASL", "CENTOS_RHSA-2009-1541.NASL", "CENTOS_RHSA-2009-1548.NASL", "CENTOS_RHSA-2009-1550.NASL", "CENTOS_RHSA-2009-1670.NASL", "CENTOS_RHSA-2009-1671.NASL", "CENTOS_RHSA-2010-0046.NASL", "CENTOS_RHSA-2010-0474.NASL", "DEBIAN_DSA-1787.NASL", "DEBIAN_DSA-1794.NASL", "DEBIAN_DSA-1800.NASL", "DEBIAN_DSA-1809.NASL", "DEBIAN_DSA-1844.NASL", "DEBIAN_DSA-1865.NASL", "DEBIAN_DSA-1872.NASL", "DEBIAN_DSA-1915.NASL", "DEBIAN_DSA-1927.NASL", "DEBIAN_DSA-1928.NASL", "DEBIAN_DSA-1929.NASL", "DEBIAN_DSA-2003.NASL", "DEBIAN_DSA-2005.NASL", "FEDORA_2009-10165.NASL", "FEDORA_2009-10525.NASL", "FEDORA_2009-10639.NASL", "FEDORA_2009-11032.NASL", "FEDORA_2009-11038.NASL", "FEDORA_2009-5356.NASL", "FEDORA_2009-5383.NASL", "FEDORA_2009-9044.NASL", "MANDRIVA_MDVSA-2009-119.NASL", "MANDRIVA_MDVSA-2009-135.NASL", "MANDRIVA_MDVSA-2009-148.NASL", "MANDRIVA_MDVSA-2009-329.NASL", "ORACLELINUX_ELSA-2009-1106.NASL", "ORACLELINUX_ELSA-2009-1132.NASL", "ORACLELINUX_ELSA-2009-1211.NASL", "ORACLELINUX_ELSA-2009-1438.NASL", "ORACLELINUX_ELSA-2009-1541.NASL", "ORACLELINUX_ELSA-2009-1548.NASL", "ORACLELINUX_ELSA-2009-1550.NASL", "ORACLELINUX_ELSA-2009-1670.NASL", "ORACLELINUX_ELSA-2009-1671.NASL", "ORACLELINUX_ELSA-2010-0046.NASL", "ORACLELINUX_ELSA-2010-0474.NASL", "ORACLEVM_OVMSA-2009-0014.NASL", "ORACLEVM_OVMSA-2009-0033.NASL", "ORACLEVM_OVMSA-2013-0039.NASL", "REDHAT-RHSA-2009-1106.NASL", "REDHAT-RHSA-2009-1132.NASL", "REDHAT-RHSA-2009-1211.NASL", "REDHAT-RHSA-2009-1243.NASL", "REDHAT-RHSA-2009-1438.NASL", "REDHAT-RHSA-2009-1466.NASL", "REDHAT-RHSA-2009-1541.NASL", "REDHAT-RHSA-2009-1548.NASL", "REDHAT-RHSA-2009-1550.NASL", "REDHAT-RHSA-2009-1587.NASL", "REDHAT-RHSA-2009-1588.NASL", "REDHAT-RHSA-2009-1670.NASL", "REDHAT-RHSA-2009-1671.NASL", "REDHAT-RHSA-2009-1672.NASL", "REDHAT-RHSA-2010-0046.NASL", "REDHAT-RHSA-2010-0474.NASL", "SL_20090616_KERNEL_ON_SL5_X.NASL", "SL_20090630_KERNEL_ON_SL4_X.NASL", "SL_20090813_KERNEL_ON_SL4_X.NASL", "SL_20091103_KERNEL_ON_SL3_X.NASL", "SL_20091103_KERNEL_ON_SL4_X.NASL", "SL_20091103_KERNEL_ON_SL5_X.NASL", "SL_20091215_KERNEL_ON_SL4_X.NASL", "SL_20091215_KERNEL_ON_SL5_X.NASL", "SL_20100615_KERNEL_ON_SL4_X.NASL", "SUSE_11_0_KERNEL-100203.NASL", "SUSE_11_1_KERNEL-090527.NASL", "SUSE_11_1_KERNEL-091016.NASL", "SUSE_11_1_KERNEL-091123.NASL", "SUSE_11_2_KERNEL-091218.NASL", "SUSE_11_KERNEL-090527.NASL", "SUSE_11_KERNEL-091015.NASL", "SUSE_11_KERNEL-091123.NASL", "SUSE_KERNEL-6632.NASL", "SUSE_KERNEL-6636.NASL", "SUSE_KERNEL-6637.NASL", "SUSE_KERNEL-6641.NASL", "SUSE_KERNEL-6694.NASL", "SUSE_KERNEL-6697.NASL", "SUSE_KERNEL-6726.NASL", "SUSE_KERNEL-6730.NASL", "UBUNTU_USN-793-1.NASL", "UBUNTU_USN-852-1.NASL", "UBUNTU_USN-864-1.NASL", "VMWARE_VMSA-2009-0016.NASL", "VMWARE_VMSA-2009-0016_REMOTE.NASL", "VMWARE_VMSA-2010-0004.NASL", "VMWARE_VMSA-2010-0004_REMOTE.NASL", "VMWARE_VMSA-2010-0009.NASL", "VMWARE_VMSA-2010-0009_REMOTE.NASL", "VMWARE_VMSA-2010-0010.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103468", "OPENVAS:1361412562310103468", "OPENVAS:1361412562310122396", "OPENVAS:1361412562310122408", "OPENVAS:1361412562310122422", "OPENVAS:1361412562310122448", "OPENVAS:1361412562310122474", "OPENVAS:136141256231063939", "OPENVAS:136141256231063959", "OPENVAS:136141256231064034", "OPENVAS:136141256231064068", "OPENVAS:136141256231064074", "OPENVAS:136141256231064077", "OPENVAS:136141256231064111", "OPENVAS:136141256231064131", "OPENVAS:136141256231064189", "OPENVAS:136141256231064213", "OPENVAS:136141256231064220", "OPENVAS:136141256231064270", "OPENVAS:136141256231064333", "OPENVAS:136141256231064376", "OPENVAS:136141256231064389", "OPENVAS:136141256231064555", "OPENVAS:136141256231064599", "OPENVAS:136141256231064736", "OPENVAS:136141256231064748", "OPENVAS:136141256231064755", "OPENVAS:136141256231064795", "OPENVAS:136141256231064796", "OPENVAS:136141256231064835", "OPENVAS:136141256231064929", "OPENVAS:136141256231064940", "OPENVAS:136141256231064999", "OPENVAS:136141256231065670", "OPENVAS:136141256231066048", "OPENVAS:136141256231066098", "OPENVAS:136141256231066133", "OPENVAS:136141256231066174", "OPENVAS:136141256231066175", "OPENVAS:136141256231066176", "OPENVAS:136141256231066178", "OPENVAS:136141256231066200", "OPENVAS:136141256231066202", "OPENVAS:136141256231066207", "OPENVAS:136141256231066208", "OPENVAS:136141256231066209", "OPENVAS:136141256231066213", "OPENVAS:136141256231066217", "OPENVAS:136141256231066218", "OPENVAS:136141256231066219", "OPENVAS:136141256231066227", "OPENVAS:136141256231066276", "OPENVAS:136141256231066280", "OPENVAS:136141256231066289", "OPENVAS:136141256231066352", "OPENVAS:136141256231066356", "OPENVAS:136141256231066452", "OPENVAS:136141256231066460", "OPENVAS:136141256231066509", "OPENVAS:136141256231066534", "OPENVAS:136141256231066535", "OPENVAS:136141256231066581", "OPENVAS:136141256231066618", "OPENVAS:136141256231066622", "OPENVAS:136141256231066954", "OPENVAS:1361412562310850120", "OPENVAS:1361412562310850125", "OPENVAS:1361412562310861615", "OPENVAS:1361412562310861694", "OPENVAS:1361412562310861742", "OPENVAS:1361412562310870210", "OPENVAS:1361412562310870277", "OPENVAS:1361412562310880414", "OPENVAS:1361412562310880643", "OPENVAS:1361412562310880731", "OPENVAS:1361412562310880750", "OPENVAS:1361412562310880764", "OPENVAS:1361412562310880808", "OPENVAS:1361412562310880828", "OPENVAS:1361412562310880838", "OPENVAS:1361412562310880884", "OPENVAS:1361412562310880935", "OPENVAS:63939", "OPENVAS:63959", "OPENVAS:64034", "OPENVAS:64068", "OPENVAS:64074", "OPENVAS:64077", "OPENVAS:64111", "OPENVAS:64131", "OPENVAS:64175", "OPENVAS:64189", "OPENVAS:64213", "OPENVAS:64220", "OPENVAS:64270", "OPENVAS:64333", "OPENVAS:64376", "OPENVAS:64389", "OPENVAS:64555", "OPENVAS:64599", "OPENVAS:64736", "OPENVAS:64748", "OPENVAS:64755", "OPENVAS:64795", "OPENVAS:64796", "OPENVAS:64835", "OPENVAS:64929", "OPENVAS:64940", "OPENVAS:64999", "OPENVAS:65670", "OPENVAS:66048", "OPENVAS:66098", "OPENVAS:66133", "OPENVAS:66174", "OPENVAS:66175", "OPENVAS:66176", "OPENVAS:66178", "OPENVAS:66200", "OPENVAS:66202", "OPENVAS:66207", "OPENVAS:66208", "OPENVAS:66209", "OPENVAS:66213", "OPENVAS:66217", "OPENVAS:66218", "OPENVAS:66219", "OPENVAS:66227", "OPENVAS:66276", "OPENVAS:66280", "OPENVAS:66289", "OPENVAS:66352", "OPENVAS:66356", "OPENVAS:66452", "OPENVAS:66460", "OPENVAS:66509", "OPENVAS:66534", "OPENVAS:66535", "OPENVAS:66581", "OPENVAS:66618", "OPENVAS:66622", "OPENVAS:66954", "OPENVAS:850120", "OPENVAS:850125", "OPENVAS:861615", "OPENVAS:861694", "OPENVAS:861742", "OPENVAS:870210", "OPENVAS:870277", "OPENVAS:880414", "OPENVAS:880643", "OPENVAS:880731", "OPENVAS:880750", "OPENVAS:880764", "OPENVAS:880808", "OPENVAS:880828", "OPENVAS:880838", "OPENVAS:880884", "OPENVAS:880935"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1106", "ELSA-2009-1132", "ELSA-2009-1211", "ELSA-2009-1243", "ELSA-2009-1438", "ELSA-2009-1455", "ELSA-2009-1541", "ELSA-2009-1548", "ELSA-2009-1550", "ELSA-2009-1670", "ELSA-2009-1671", "ELSA-2010-0046", "ELSA-2010-0178", "ELSA-2010-0474", "ELSA-2018-4235", "ELSA-2019-4702", "ELSA-2019-4732"]}, {"type": "osv", "idList": ["OSV:DSA-1787-1", "OSV:DSA-1794-1", "OSV:DSA-1800-1", "OSV:DSA-1809-1", "OSV:DSA-1844-1", "OSV:DSA-1865-1", "OSV:DSA-1872-1", "OSV:DSA-1915-1", "OSV:DSA-1927-1", "OSV:DSA-1928-1", "OSV:DSA-1929-1", "OSV:DSA-2003-1", "OSV:DSA-2005-1"]}, {"type": "redhat", "idList": ["RHSA-2009:1081", "RHSA-2009:1106", "RHSA-2009:1132", "RHSA-2009:1157", "RHSA-2009:1211", "RHSA-2009:1239", "RHSA-2009:1243", "RHSA-2009:1438", "RHSA-2009:1466", "RHSA-2009:1540", "RHSA-2009:1541", "RHSA-2009:1548", "RHSA-2009:1550", "RHSA-2009:1587", "RHSA-2009:1588", "RHSA-2009:1635", "RHSA-2009:1670", "RHSA-2009:1671", "RHSA-2009:1672", "RHSA-2009:1692", "RHSA-2010:0046", "RHSA-2010:0095", "RHSA-2010:0474"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21767", "SECURITYVULNS:DOC:21930", "SECURITYVULNS:DOC:22139", "SECURITYVULNS:DOC:22217", "SECURITYVULNS:DOC:22367", "SECURITYVULNS:DOC:22675", "SECURITYVULNS:DOC:22752", "SECURITYVULNS:DOC:28783", "SECURITYVULNS:VULN:10177", "SECURITYVULNS:VULN:10380", "SECURITYVULNS:VULN:9889", "SECURITYVULNS:VULN:9955"]}, {"type": "seebug", "idList": ["SSV:11333", "SSV:12088", "SSV:12161", "SSV:12172", "SSV:12510", "SSV:12576", "SSV:12588", "SSV:12593", "SSV:5116", "SSV:66852"]}, {"type": "suse", "idList": ["SUSE-SA:2009:032", "SUSE-SA:2009:051", "SUSE-SA:2009:054", "SUSE-SA:2009:055", "SUSE-SA:2009:056", "SUSE-SA:2009:060", "SUSE-SA:2009:061", "SUSE-SA:2009:064", "SUSE-SA:2010:001", "SUSE-SA:2010:012"]}, {"type": "threatpost", "idList": ["THREATPOST:9B247D64D74F86C01215CC8DF7D85698"]}, {"type": "ubuntu", "idList": ["USN-793-1", "USN-852-1", "USN-864-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1192", "UB:CVE-2009-1633", "UB:CVE-2009-2848", "UB:CVE-2009-2909", "UB:CVE-2009-2910", "UB:CVE-2009-3002", "UB:CVE-2009-3547", "UB:CVE-2009-3726"]}, {"type": "veracode", "idList": ["VERACODE:23704", "VERACODE:23707", "VERACODE:23770", "VERACODE:23879", "VERACODE:23894", "VERACODE:23916", "VERACODE:23924"]}, {"type": "vmware", "idList": ["VMSA-2009-0016", "VMSA-2009-0016.6", "VMSA-2010-0004", "VMSA-2010-0004.5", "VMSA-2010-0009", "VMSA-2010-0009.2", "VMSA-2010-0010"]}, {"type": "zdt", "idList": ["1337DAY-ID-26409"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "canvas", "idList": ["FS_PIPE_RACE_TO_NULL"]}, {"type": "centos", "idList": ["CESA-2009:1106", "CESA-2009:1243", "CESA-2009:1438", "CESA-2009:1541", "CESA-2009:1548", "CESA-2009:1550", "CESA-2009:1670", "CESA-2009:1671", "CESA-2010:0046", "CESA-2010:0474"]}, {"type": "cve", "idList": ["CVE-2009-1192"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1915-1:E4B61", "DEBIAN:DSA-2003-1:E3418"]}, {"type": "exploitdb", "idList": ["EDB-ID:40812"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:587E07B26CFC9328AECA2A6FF11BCAF8"]}, {"type": "fedora", "idList": ["FEDORA:F394810F8A0"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1928.NASL", "REDHAT-RHSA-2010-0474.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107443", "OPENVAS:136141256231064074", "OPENVAS:136141256231064940", "OPENVAS:136141256231066098", "OPENVAS:136141256231066178", "OPENVAS:136141256231066218", "OPENVAS:1361412562310870210", "OPENVAS:64220", "OPENVAS:66452", "OPENVAS:880643", "OPENVAS:880808"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1106", "ELSA-2009-1132", "ELSA-2009-1211", "ELSA-2009-1438", "ELSA-2009-1455", "ELSA-2009-1541", "ELSA-2009-1548", "ELSA-2009-1550", "ELSA-2009-1670", "ELSA-2009-1671", "ELSA-2010-0046", "ELSA-2010-0474"]}, {"type": "redhat", "idList": ["RHSA-2009:1106", "RHSA-2009:1132", "RHSA-2009:1211", "RHSA-2009:1243", "RHSA-2009:1438", "RHSA-2009:1541", "RHSA-2009:1548", "RHSA-2009:1588", "RHSA-2009:1670", "RHSA-2009:1671", "RHSA-2010:0046", "RHSA-2010:0474"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22752"]}, {"type": "seebug", "idList": ["SSV:12088", "SSV:12510"]}, {"type": "suse", "idList": ["SUSE-SA:2009:064"]}, {"type": "ubuntu", "idList": ["USN-864-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-2848", "UB:CVE-2009-2909", "UB:CVE-2009-2910"]}, {"type": "vmware", "idList": ["VMSA-2010-0010"]}, {"type": "zdt", "idList": ["1337DAY-ID-26409"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2009-1192", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-06"}, {"cve": "CVE-2009-1633", "epss": 0.00252, "percentile": 0.61566, "modified": "2023-05-06"}, {"cve": "CVE-2009-2848", "epss": 0.00052, "percentile": 0.1799, "modified": "2023-05-06"}, {"cve": "CVE-2009-2909", "epss": 0.00042, "percentile": 0.05667, "modified": "2023-05-06"}, {"cve": "CVE-2009-2910", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-06"}, {"cve": "CVE-2009-3002", "epss": 0.00044, "percentile": 0.08443, "modified": "2023-05-06"}, {"cve": "CVE-2009-3547", "epss": 0.00042, "percentile": 0.00487, "modified": "2023-05-06"}, {"cve": "CVE-2009-3726", "epss": 0.00299, "percentile": 0.64906, "modified": "2023-05-06"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1684423147, "score": 1684420145, "epss": 0}, "_internal": {"score_hash": "f4c1869dc1e8d4384790bf75c997a6b0"}, "pluginID": "42812", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42812);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1633\", \"CVE-2009-2848\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3726\");\n\n script_name(english:\"SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues and some bugs in the SUSE\nLinux Enterprise 9 kernel.\n\nThe following security bugs were fixed :\n\n - A race condition in the pipe(2) systemcall could be used\n by local attackers to execute code. (CVE-2009-3547)\n\n - On x86_64 systems a information leak of high register\n contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - The (1) agp_generic_alloc_page and (2)\n agp_generic_alloc_pages functions in\n drivers/char/agp/generic.c in the agp subsystem in the\n Linux kernel do not zero out pages that may later be\n available to a user-space process, which allows local\n users to obtain sensitive information by reading these\n pages. (CVE-2009-1192)\n\n - Unsigned check in the ax25 socket handler could allow\n local attackers to potentially crash the kernel or even\n execute code. (CVE-2009-2909)\n\n - The execve function in the Linux kernel did not properly\n clear the current->clear_child_tid pointer, which allows\n local users to cause a denial of service (memory\n corruption) or possibly gain privileges via a clone\n system call with CLONE_CHILD_SETTID or\n CLONE_CHILD_CLEARTID enabled, which is not properly\n handled during thread creation and exit. (CVE-2009-2848)\n\n - Fixed various sockethandler getname leaks, which could\n disclose memory previously used by the kernel or other\n userland processes to the local attacker.\n (CVE-2009-3002)\n\n - Multiple buffer overflows in the cifs subsystem in the\n Linux kernel allow remote CIFS servers to cause a denial\n of service (memory corruption) and possibly have\n unspecified other impact via (1) a malformed Unicode\n string, related to Unicode string area alignment in\n fs/cifs/sess.c; or (2) long Unicode characters, related\n to fs/cifs/cifssmb.c and the cifs_readdir function in\n fs/cifs/readdir.c. (CVE-2009-1633)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\n NFSv4 client in the allows remote NFS servers to cause a\n denial of service (NULL pointer dereference and panic)\n by sending a certain response containing incorrect file\n attributes, which trigger attempted use of an open file\n that lacks NFSv4 state. (CVE-2009-3726)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1633.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2848.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2909.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2910.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3547.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3726.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12541.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-bigsmp-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-debug-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-default-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-smp-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-source-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-syms-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-um-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-xen-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-xenpae-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"um-host-install-initrd-1.0-48.34\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"um-host-kernel-2.6.5-7.321\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"xen-kmp-3.0.4_2.6.5_7.321-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["cpe:/o:suse:suse_linux"], "solution": "Apply YOU patch number 12541.", "nessusSeverity": "High", "cvssScoreSource": "", "vendor_cvss2": {"score": 7.8, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Critical", "score": "9.0"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2009-11-11T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": ["CANVAS(CANVAS)"]}

{"openvas": [{"lastseen": "2018-04-06T11:40:26", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n xen-kmp\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062456 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3726", "CVE-2009-2910", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066276", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066276", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5062456.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n xen-kmp\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062456 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66276\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-2910\", \"CVE-2009-1192\", \"CVE-2009-2909\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-1633\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.321\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:16", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n xen-kmp\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062456 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3726", "CVE-2009-2910", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66276", "href": "http://plugins.openvas.org/nasl.php?oid=66276", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5062456.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n xen-kmp\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5062456 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(66276);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-2910\", \"CVE-2009-1192\", \"CVE-2009-2909\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-1633\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.321\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:22", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3238", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66280", "href": "http://plugins.openvas.org/nasl.php?oid=66280", "sourceData": "#\n#VID slesp2-kernel-6632\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66280);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-2910\", \"CVE-2009-3238\", \"CVE-2009-1192\", \"CVE-2009-2909\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-1633\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"SLES10: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmipae\", rpm:\"kernel-vmipae~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:40:44", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-17T00:00:00", "type": "openvas", "title": "SLES10: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3238", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066280", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066280", "sourceData": "#\n#VID slesp2-kernel-6632\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66280\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-2910\", \"CVE-2009-3238\", \"CVE-2009-1192\", \"CVE-2009-2909\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-1633\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"SLES10: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmipae\", rpm:\"kernel-vmipae~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.60~0.42.7\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:37", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3002", "CVE-2009-2909"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066227", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066227", "sourceData": "#\n#VID 180ffe58c62210bba55d0af594f5207f\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=410452\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=441650\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=448410\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=459146\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=466554\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=471396\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=472342\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=476582\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=477816\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=483375\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=483706\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=487412\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=490030\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=492547\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=498708\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=501563\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=504646\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=509753\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=511306\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=514022\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=515640\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=524242\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=527754\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=528769\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531260\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531384\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531437\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531533\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531633\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=532063\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=532443\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=532598\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=533267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=533267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534065\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534202\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534214\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.66227\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-3002\", \"CVE-2009-2910\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES11: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-default\", rpm:\"ext4dev-kmp-default~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-pae\", rpm:\"ext4dev-kmp-pae~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-vmi\", rpm:\"ext4dev-kmp-vmi~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-xen\", rpm:\"ext4dev-kmp-xen~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:38:05", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:051.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:051 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3002", "CVE-2009-2909"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066213", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066213", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_051.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:051 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SUSE Linux Enterprise 11 and openSUSE 11.1 kernel was updated to\n2.6.27.37 fixing various bugs and security issues.\n\nFollowing security issues were fixed:\nCVE-2009-2909: Unsigned check in the ax25 socket handler could allow\nlocal attackers to potentially crash the kernel or even execute code.\n\nCVE-2009-3002: Fixed various socket handler getname leaks, which\ncould disclose memory previously used by the kernel or other userland\nprocesses to the local attacker.\n\nCVE-2009-2910: An information leakage with upper 32bit register values\non x86_64 systems was fixed.\n\nVarious KVM stability and security fixes have also been added.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:051\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:051.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66213\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:051 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-debuginfo\", rpm:\"kernel-source-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.3~3.13.55\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debugsource\", rpm:\"kernel-kdump-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debuginfo\", rpm:\"kernel-ppc64-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debugsource\", rpm:\"kernel-ppc64-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debuginfo\", rpm:\"kernel-ps3-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debugsource\", rpm:\"kernel-ps3-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-extra\", rpm:\"kernel-ppc64-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-26T08:56:00", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "SLES11: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3002", "CVE-2009-2909"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66227", "href": "http://plugins.openvas.org/nasl.php?oid=66227", "sourceData": "#\n#VID 180ffe58c62210bba55d0af594f5207f\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=410452\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=441650\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=448410\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=459146\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=466554\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=471396\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=472342\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=476582\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=477816\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=483375\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=483706\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=487412\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=490030\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=492547\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=498708\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=501563\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=504646\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=509753\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=511306\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=514022\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=515640\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=524242\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=527754\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=528769\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531260\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531384\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531437\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531533\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531633\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=532063\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=532443\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=532598\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=533267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=533267\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534065\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534202\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=534214\");\n script_id(66227);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-3002\", \"CVE-2009-2910\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES11: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-default\", rpm:\"ext4dev-kmp-default~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-pae\", rpm:\"ext4dev-kmp-pae~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-vmi\", rpm:\"ext4dev-kmp-vmi~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-xen\", rpm:\"ext4dev-kmp-xen~0_2.6.27.37_0.1~7.1.18\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.37~0.1.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-26T08:55:29", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:051.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:051 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3002", "CVE-2009-2909"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66213", "href": "http://plugins.openvas.org/nasl.php?oid=66213", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_051.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:051 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SUSE Linux Enterprise 11 and openSUSE 11.1 kernel was updated to\n2.6.27.37 fixing various bugs and security issues.\n\nFollowing security issues were fixed:\nCVE-2009-2909: Unsigned check in the ax25 socket handler could allow\nlocal attackers to potentially crash the kernel or even execute code.\n\nCVE-2009-3002: Fixed various socket handler getname leaks, which\ncould disclose memory previously used by the kernel or other userland\nprocesses to the local attacker.\n\nCVE-2009-2910: An information leakage with upper 32bit register values\non x86_64 systems was fixed.\n\nVarious KVM stability and security fixes have also been added.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:051\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:051.\";\n\n \n\nif(description)\n{\n script_id(66213);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:051 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-debuginfo\", rpm:\"kernel-source-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.3~3.13.55\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debugsource\", rpm:\"kernel-kdump-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debuginfo\", rpm:\"kernel-ppc64-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debugsource\", rpm:\"kernel-ppc64-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debuginfo\", rpm:\"kernel-ps3-debuginfo~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debugsource\", rpm:\"kernel-ps3-debugsource~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-extra\", rpm:\"kernel-ppc64-extra~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.27.37~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-19T15:05:21", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2010:012", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3939", "CVE-2010-0007", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3238", "CVE-2009-4538", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-4536", "CVE-2009-1633", "CVE-2009-4308", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-4021", "CVE-2010-0003", "CVE-2009-3286", "CVE-2009-3612", "CVE-2009-4138"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310850125", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850125", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2010:012\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This kernel update for openSUSE 11.0 fixes some bugs and several\n security problems.\n\n The following security issues are fixed:\n CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver\n in the Linux kernel handles Ethernet frames that exceed the MTU by\n processing certain trailing payload data as if it were a complete\n frame, which allows remote attackers to bypass packet filters via a\n large packet with a crafted payload.\n\n CVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e driver in\n the Linux kernel does not properly check the size of an Ethernet\n frame that exceeds the MTU, which allows remote attackers to have an\n unspecified impact via crafted packets.\n\n CVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables netfilter\n code might have allowed local attackers to modify bridge firewall\n settings.\n\n CVE-2010-0003: An information leakage on fatal signals on x86_64\n machines was fixed.\n\n CVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel, when\n packet-per-buffer mode is used, allows local users to cause a denial\n of service (NULL pointer dereference and system crash) or possibly\n have unknown other impact via an unspecified ioctl associated with\n receiving an ISO packet that contains zero in the payload-length field.\n\n CVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c\n in the ext4 filesystem in the Linux kernel before 2.6.32 allows\n user-assisted remote attackers to cause a denial of service (NULL\n pointer dereference), and possibly have unspecified other impact,\n via a crafted read-only filesystem that lacks a journal.\n\n CVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in\n the Linux kernel 2.6.31.6 and earlier has world-writable permissions,\n which allows local users to change the I/O mode of the driver by\n modifying this file.\n\n CVE-2009-4021: The fuse_direct_io function in fs/fuse/file.c in the\n fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow\n attackers to cause a denial of service (invalid pointer dereference\n and OOPS) via vectors possibly related to a memory-consumption attack.\n\n CVE-2009-3547: A race condition in the pipe(2) system call could be\n used by local attackers to hang the machine. The kernel in Moblin\n 2.0 uses NULL ptr protection which avoids code execution possibilities.\n\n CVE-2009-2903: Memory leak in the AppleTalk subsystem in the Linux\n kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the\n AppleTalk and ipddp modules are loaded but the ipddp"N" device is\n not found, allows remote ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_impact = \"local privilege escalation, remote denial of service\";\ntag_affected = \"kernel on openSUSE 11.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850125\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2010-012\");\n script_cve_id(\"CVE-2009-1633\", \"CVE-2009-2848\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\", \"CVE-2009-3939\", \"CVE-2009-4021\", \"CVE-2009-4138\", \"CVE-2009-4308\", \"CVE-2009-4536\", \"CVE-2009-4538\", \"CVE-2010-0003\", \"CVE-2010-0007\");\n script_name(\"SuSE Update for kernel SUSE-SA:2010:012\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-debuginfo\", rpm:\"kernel-source-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acerhk-kmp-debug\", rpm:\"acerhk-kmp-debug~0.5.35_2.6.25.20_0.6~98.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acx-kmp-debug-20080210\", rpm:\"acx-kmp-debug-20080210~2.6.25.20_0.6~4.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"appleir-kmp-debug\", rpm:\"appleir-kmp-debug~1.1_2.6.25.20_0.6~108.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"at76_usb-kmp-debug\", rpm:\"at76_usb-kmp-debug~0.17_2.6.25.20_0.6~2.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"atl2-kmp-debug\", rpm:\"atl2-kmp-debug~2.0.4_2.6.25.20_0.6~4.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"aufs-kmp-debug-cvs20080429\", rpm:\"aufs-kmp-debug-cvs20080429~2.6.25.20_0.6~13.3\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dazuko-kmp-debug\", rpm:\"dazuko-kmp-debug~2.3.4.4_2.6.25.20_0.6~42.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.6_2.6.25.20_0.6~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gspcav-kmp-debug\", rpm:\"gspcav-kmp-debug~01.00.20_2.6.25.20_0.6~1.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kmp-debug\", rpm:\"iscsitarget-kmp-debug~0.4.15_2.6.25.20_0.6~63.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ivtv-kmp-debug\", rpm:\"ivtv-kmp-debug~1.0.3_2.6.25.20_0.6~66.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kmp-debug\", rpm:\"kqemu-kmp-debug~1.3.0pre11_2.6.25.20_0.6~7.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.20_0.6~0.4\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kmp-debug-20080313\", rpm:\"omnibook-kmp-debug-20080313~2.6.25.20_0.6~1.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcc-acpi-kmp-debug\", rpm:\"pcc-acpi-kmp-debug~0.9_2.6.25.20_0.6~4.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcfclock-kmp-debug\", rpm:\"pcfclock-kmp-debug~0.44_2.6.25.20_0.6~207.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tpctl-kmp-debug\", rpm:\"tpctl-kmp-debug~4.17_2.6.25.20_0.6~189.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"uvcvideo-kmp-debug-r200\", rpm:\"uvcvideo-kmp-debug-r200~2.6.25.20_0.6~2.4\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-debug\", rpm:\"virtualbox-ose-kmp-debug~1.5.6_2.6.25.20_0.6~33.5\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vmware-kmp-debug\", rpm:\"vmware-kmp-debug~2008.04.14_2.6.25.20_0.6~21.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wlan-ng-kmp-debug\", rpm:\"wlan-ng-kmp-debug~0.2.8_2.6.25.20_0.6~107.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:25", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-02-19T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2010:012", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3939", "CVE-2010-0007", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3238", "CVE-2009-4538", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-4536", "CVE-2009-1633", "CVE-2009-4308", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-4021", "CVE-2010-0003", "CVE-2009-3286", "CVE-2009-3612", "CVE-2009-4138"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:850125", "href": "http://plugins.openvas.org/nasl.php?oid=850125", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2010:012\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This kernel update for openSUSE 11.0 fixes some bugs and several\n security problems.\n\n The following security issues are fixed:\n CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver\n in the Linux kernel handles Ethernet frames that exceed the MTU by\n processing certain trailing payload data as if it were a complete\n frame, which allows remote attackers to bypass packet filters via a\n large packet with a crafted payload.\n\n CVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e driver in\n the Linux kernel does not properly check the size of an Ethernet\n frame that exceeds the MTU, which allows remote attackers to have an\n unspecified impact via crafted packets.\n\n CVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables netfilter\n code might have allowed local attackers to modify bridge firewall\n settings.\n\n CVE-2010-0003: An information leakage on fatal signals on x86_64\n machines was fixed.\n\n CVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel, when\n packet-per-buffer mode is used, allows local users to cause a denial\n of service (NULL pointer dereference and system crash) or possibly\n have unknown other impact via an unspecified ioctl associated with\n receiving an ISO packet that contains zero in the payload-length field.\n\n CVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c\n in the ext4 filesystem in the Linux kernel before 2.6.32 allows\n user-assisted remote attackers to cause a denial of service (NULL\n pointer dereference), and possibly have unspecified other impact,\n via a crafted read-only filesystem that lacks a journal.\n\n CVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in\n the Linux kernel 2.6.31.6 and earlier has world-writable permissions,\n which allows local users to change the I/O mode of the driver by\n modifying this file.\n\n CVE-2009-4021: The fuse_direct_io function in fs/fuse/file.c in the\n fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow\n attackers to cause a denial of service (invalid pointer dereference\n and OOPS) via vectors possibly related to a memory-consumption attack.\n\n CVE-2009-3547: A race condition in the pipe(2) system call could be\n used by local attackers to hang the machine. The kernel in Moblin\n 2.0 uses NULL ptr protection which avoids code execution possibilities.\n\n CVE-2009-2903: Memory leak in the AppleTalk subsystem in the Linux\n kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the\n AppleTalk and ipddp modules are loaded but the ipddp"N" device is\n not found, allows remote ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_impact = \"local privilege escalation, remote denial of service\";\ntag_affected = \"kernel on openSUSE 11.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850125);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-19 13:38:15 +0100 (Fri, 19 Feb 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2010-012\");\n script_cve_id(\"CVE-2009-1633\", \"CVE-2009-2848\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\", \"CVE-2009-3939\", \"CVE-2009-4021\", \"CVE-2009-4138\", \"CVE-2009-4308\", \"CVE-2009-4536\", \"CVE-2009-4538\", \"CVE-2010-0003\", \"CVE-2010-0007\");\n script_name(\"SuSE Update for kernel SUSE-SA:2010:012\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-debuginfo\", rpm:\"kernel-source-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acerhk-kmp-debug\", rpm:\"acerhk-kmp-debug~0.5.35_2.6.25.20_0.6~98.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"acx-kmp-debug-20080210\", rpm:\"acx-kmp-debug-20080210~2.6.25.20_0.6~4.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"appleir-kmp-debug\", rpm:\"appleir-kmp-debug~1.1_2.6.25.20_0.6~108.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"at76_usb-kmp-debug\", rpm:\"at76_usb-kmp-debug~0.17_2.6.25.20_0.6~2.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"atl2-kmp-debug\", rpm:\"atl2-kmp-debug~2.0.4_2.6.25.20_0.6~4.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"aufs-kmp-debug-cvs20080429\", rpm:\"aufs-kmp-debug-cvs20080429~2.6.25.20_0.6~13.3\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"dazuko-kmp-debug\", rpm:\"dazuko-kmp-debug~2.3.4.4_2.6.25.20_0.6~42.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drbd-kmp-debug\", rpm:\"drbd-kmp-debug~8.2.6_2.6.25.20_0.6~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gspcav-kmp-debug\", rpm:\"gspcav-kmp-debug~01.00.20_2.6.25.20_0.6~1.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kmp-debug\", rpm:\"iscsitarget-kmp-debug~0.4.15_2.6.25.20_0.6~63.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ivtv-kmp-debug\", rpm:\"ivtv-kmp-debug~1.0.3_2.6.25.20_0.6~66.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.25.20~0.6\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kmp-debug\", rpm:\"kqemu-kmp-debug~1.3.0pre11_2.6.25.20_0.6~7.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.20_0.6~0.4\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kmp-debug-20080313\", rpm:\"omnibook-kmp-debug-20080313~2.6.25.20_0.6~1.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcc-acpi-kmp-debug\", rpm:\"pcc-acpi-kmp-debug~0.9_2.6.25.20_0.6~4.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pcfclock-kmp-debug\", rpm:\"pcfclock-kmp-debug~0.44_2.6.25.20_0.6~207.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tpctl-kmp-debug\", rpm:\"tpctl-kmp-debug~4.17_2.6.25.20_0.6~189.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"uvcvideo-kmp-debug-r200\", rpm:\"uvcvideo-kmp-debug-r200~2.6.25.20_0.6~2.4\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-ose-kmp-debug\", rpm:\"virtualbox-ose-kmp-debug~1.5.6_2.6.25.20_0.6~33.5\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vmware-kmp-debug\", rpm:\"vmware-kmp-debug~2008.04.14_2.6.25.20_0.6~21.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"wlan-ng-kmp-debug\", rpm:\"wlan-ng-kmp-debug~0.2.8_2.6.25.20_0.6~107.1\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:57", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:060.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:060 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066460", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066460", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_060.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:060 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to\n2.6.27.39 fixing various bugs and security issues.\n\nFor details, please visit the referenced security advisories.\n\nA complete list of changes can be found in the RPM changelog.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:060\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:060.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66460\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:060 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-debuginfo\", rpm:\"kernel-source-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.3~3.13.66\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debugsource\", rpm:\"kernel-kdump-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debuginfo\", rpm:\"kernel-ppc64-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debugsource\", rpm:\"kernel-ppc64-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debuginfo\", rpm:\"kernel-ps3-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debugsource\", rpm:\"kernel-ps3-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-extra\", rpm:\"kernel-ppc64-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:03", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "SLES11: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066352", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066352", "sourceData": "#\n#VID a3c4f0428e25dca1993e5018e76d6758\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=551348\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549567\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=441062\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=547357\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549751\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=556532\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=551942\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=544760\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=554122\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=547137\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549751\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=540349\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=539878\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548070\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=536467\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548071\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=551142\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=544779\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=522790\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548807\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=550648\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=519820\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=552775\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531716\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=524222\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=528427\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=524683\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=552602\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=523487\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=547357\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=539010\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=472410\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549748\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=542505\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548101\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=541648\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=540997\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=556864\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548074\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.66352\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-2910\", \"CVE-2009-2903\", \"CVE-2009-3621\", \"CVE-2009-3612\", \"CVE-2005-4881\", \"CVE-2009-3620\", \"CVE-2009-3726\", \"CVE-2009-3286\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES11: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-default\", rpm:\"ext4dev-kmp-default~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-pae\", rpm:\"ext4dev-kmp-pae~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-vmi\", rpm:\"ext4dev-kmp-vmi~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-xen\", rpm:\"ext4dev-kmp-xen~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:28", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "openvas", "title": "SLES11: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66352", "href": "http://plugins.openvas.org/nasl.php?oid=66352", "sourceData": "#\n#VID a3c4f0428e25dca1993e5018e76d6758\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n ext4dev-kmp-default\n ext4dev-kmp-pae\n ext4dev-kmp-vmi\n ext4dev-kmp-xen\n kernel-default\n kernel-default-base\n kernel-pae\n kernel-pae-base\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmi-base\n kernel-xen\n kernel-xen-base\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=551348\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549567\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=441062\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=547357\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549751\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=556532\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=551942\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=544760\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=554122\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=547137\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549751\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=540349\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=539878\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548070\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=536467\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548071\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=551142\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=544779\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=522790\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548807\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=550648\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=519820\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=552775\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=531716\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=524222\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=528427\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=524683\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=552602\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=523487\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=547357\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=539010\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=472410\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=549748\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=542505\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548101\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=541648\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=540997\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=556864\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=548074\");\n script_id(66352);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-03 22:10:42 +0100 (Thu, 03 Dec 2009)\");\n script_cve_id(\"CVE-2009-3547\", \"CVE-2009-2910\", \"CVE-2009-2903\", \"CVE-2009-3621\", \"CVE-2009-3612\", \"CVE-2005-4881\", \"CVE-2009-3620\", \"CVE-2009-3726\", \"CVE-2009-3286\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES11: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-default\", rpm:\"ext4dev-kmp-default~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-pae\", rpm:\"ext4dev-kmp-pae~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-vmi\", rpm:\"ext4dev-kmp-vmi~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"ext4dev-kmp-xen\", rpm:\"ext4dev-kmp-xen~0_2.6.27.39_0.3~7.1.22\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.39~0.3.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:26", "description": "The remote host is missing updates announced in\nadvisory SUSE-SA:2009:060.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "SuSE Security Advisory SUSE-SA:2009:060 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:66460", "href": "http://plugins.openvas.org/nasl.php?oid=66460", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sa_2009_060.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SA:2009:060 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to\n2.6.27.39 fixing various bugs and security issues.\n\nFor details, please visit the referenced security advisories.\n\nA complete list of changes can be found in the RPM changelog.\";\ntag_solution = \"Update your system with the packages as indicated in\nthe referenced security advisory.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:060\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SA:2009:060.\";\n\n \n\nif(description)\n{\n script_id(66460);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SuSE Security Advisory SUSE-SA:2009:060 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-debuginfo\", rpm:\"kernel-source-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-extra\", rpm:\"kernel-debug-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default-extra\", rpm:\"kernel-default-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-pae-extra\", rpm:\"kernel-pae-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-trace-extra\", rpm:\"kernel-trace-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-extra\", rpm:\"kernel-xen-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~2.6.3~3.13.66\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debugsource\", rpm:\"kernel-kdump-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debuginfo\", rpm:\"kernel-ppc64-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-debugsource\", rpm:\"kernel-ppc64-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debuginfo\", rpm:\"kernel-ps3-debuginfo~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3-debugsource\", rpm:\"kernel-ps3-debugsource~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64\", rpm:\"kernel-ppc64~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-base\", rpm:\"kernel-ppc64-base~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ppc64-extra\", rpm:\"kernel-ppc64-extra~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-ps3\", rpm:\"kernel-ps3~2.6.27.39~0.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:01", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1550.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1550 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3001", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66217", "href": "http://plugins.openvas.org/nasl.php?oid=66217", "sourceData": "#CESA-2009:1550 66217 2\n# $Id: ovcesa2009_1550.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1550 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1550\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1550\nhttps://rhn.redhat.com/errata/RHSA-2009-1550.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1550.\";\n\n\n\nif(description)\n{\n script_id(66217);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3001\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1550 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1550 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3001", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880838", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880838", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1550 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-November/016300.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880838\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1550\");\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3001\");\n script_name(\"CentOS Update for kernel CESA-2009:1550 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 3\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n\n * when fput() was called to close a socket, the __scm_destroy() function in\n the Linux kernel could make indirect recursive calls to itself. This could,\n potentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n\n * the sendmsg() function in the Linux kernel did not block during UNIX\n socket garbage collection. This could, potentially, lead to a local denial\n of service. (CVE-2008-5300, Important)\n\n * the exit_notify() function in the Linux kernel did not properly reset the\n exit signal if a process executed a set user ID (setuid) application before\n exiting. This could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n * a flaw was found in the Intel PRO/1000 network driver in the Linux\n kernel. Frames with sizes near the MTU of an interface may be split across\n multiple hardware receive descriptors. Receipt of such a frame could leak\n through a validation check, leading to a corruption of the length check. A\n remote attacker could use this flaw to send a specially-crafted packet that\n would cause a denial of service or code execution. (CVE-2009-1385,\n Important)\n\n * the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a\n setuid or setgid program was executed. A local, unprivileged user could use\n this flaw to bypass the mmap_min_addr protection mechanism and perform a\n NULL pointer dereference attack, or bypass the Address Space Layout\n Randomization (ASLR) security feature. (CVE-2009-1895, Important)\n\n * it was discovered that, when executing a new process, the clear_child_tid\n pointer in the Linux kernel is not cleared. If this pointer points to a\n writable portion of the memory of the new program, the kernel could corrupt\n four bytes of memory, possibly leading to a local denial of service or\n privilege escalation. (CVE-2009-2848, Important)\n\n * missing initialization flaws were found in getname() implementations in\n the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE\n protocol implementations in the Linux kernel. Certain data structures in\n these getname() implementations were not initialized properly before being\n copied to user-space. These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n\n * a NULL pointer dereference flaw was found in each of the following\n functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\n be release ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-04-06T11:40:11", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1550.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1550", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3001", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066178", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066178", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1550.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1550 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1550.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66178\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3001\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1550\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1550.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://kbase.redhat.com/faq/docs/DOC-17866\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:02", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1550.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1550 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3001", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066217", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066217", "sourceData": "#CESA-2009:1550 66217 2\n# $Id: ovcesa2009_1550.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1550 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1550\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1550\nhttps://rhn.redhat.com/errata/RHSA-2009-1550.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1550.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66217\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3001\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1550 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:21", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1550 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3001", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880838", "href": "http://plugins.openvas.org/nasl.php?oid=880838", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1550 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * when fput() was called to close a socket, the __scm_destroy() function in\n the Linux kernel could make indirect recursive calls to itself. This could,\n potentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n \n * the sendmsg() function in the Linux kernel did not block during UNIX\n socket garbage collection. This could, potentially, lead to a local denial\n of service. (CVE-2008-5300, Important)\n \n * the exit_notify() function in the Linux kernel did not properly reset the\n exit signal if a process executed a set user ID (setuid) application before\n exiting. This could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n \n * a flaw was found in the Intel PRO/1000 network driver in the Linux\n kernel. Frames with sizes near the MTU of an interface may be split across\n multiple hardware receive descriptors. Receipt of such a frame could leak\n through a validation check, leading to a corruption of the length check. A\n remote attacker could use this flaw to send a specially-crafted packet that\n would cause a denial of service or code execution. (CVE-2009-1385,\n Important)\n \n * the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a\n setuid or setgid program was executed. A local, unprivileged user could use\n this flaw to bypass the mmap_min_addr protection mechanism and perform a\n NULL pointer dereference attack, or bypass the Address Space Layout\n Randomization (ASLR) security feature. (CVE-2009-1895, Important)\n \n * it was discovered that, when executing a new process, the clear_child_tid\n pointer in the Linux kernel is not cleared. If this pointer points to a\n writable portion of the memory of the new program, the kernel could corrupt\n four bytes of memory, possibly leading to a local denial of service or\n privilege escalation. (CVE-2009-2848, Important)\n \n * missing initialization flaws were found in getname() implementations in\n the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE\n protocol implementations in the Linux kernel. Certain data structures in\n these getname() implementations were not initialized properly before being\n copied to user-space. These flaws could lead to an information leak.\n (CVE-2009-3002, Important)\n \n * a NULL pointer dereference flaw was found in each of the following\n functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\n be release ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-November/016300.html\");\n script_id(880838);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1550\");\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3001\");\n script_name(\"CentOS Update for kernel CESA-2009:1550 centos3 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~63.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:40", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1550.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1550", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1895", "CVE-2009-1385", "CVE-2008-5029", "CVE-2009-3001", "CVE-2009-3547", "CVE-2008-5300", "CVE-2009-3002", "CVE-2009-1337", "CVE-2009-2848"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66178", "href": "http://plugins.openvas.org/nasl.php?oid=66178", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1550.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1550 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1550.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66178);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2008-5029\", \"CVE-2008-5300\", \"CVE-2009-1337\", \"CVE-2009-1385\", \"CVE-2009-1895\", \"CVE-2009-2848\", \"CVE-2009-3002\", \"CVE-2009-3547\", \"CVE-2009-3001\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1550\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1550.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://kbase.redhat.com/faq/docs/DOC-17866\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~63.EL\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:05", "description": "The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1928-1.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1928-1 (linux-2.6.24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-2846", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3238", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-2908", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3612", "CVE-2009-2847", "CVE-2009-2849"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66208", "href": "http://plugins.openvas.org/nasl.php?oid=66208", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1928_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1928-1 (linux-2.6.24)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. \n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.24-6~etchnhalf.9etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1928-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201928-1\";\n\n\nif(description)\n{\n script_id(66208);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2846\", \"CVE-2009-2847\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2903\", \"CVE-2009-2908\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1928-1 (linux-2.6.24)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.24-etchnhalf.1\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-common\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:12", "description": "The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1928-1.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1928-1 (linux-2.6.24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-2846", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3238", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-2908", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3612", "CVE-2009-2847", "CVE-2009-2849"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066208", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066208", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1928_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1928-1 (linux-2.6.24)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. \n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.24-6~etchnhalf.9etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1928-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201928-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66208\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-2846\", \"CVE-2009-2847\", \"CVE-2009-2848\", \"CVE-2009-2849\", \"CVE-2009-2903\", \"CVE-2009-2908\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1928-1 (linux-2.6.24)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.24-etchnhalf.1\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.24\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-common\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:49", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1915-1.", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1915-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3290", "CVE-2009-3002", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3286", "CVE-2009-2695"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066098", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066098", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1915_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1915-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege escalation.\nFor details, please visit the referenced security advisories.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1915-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201915-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66098\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2695\", \"CVE-2009-2903\", \"CVE-2009-2908\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3286\", \"CVE-2009-3290\", \"CVE-2009-3613\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1915-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-ip32\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mips\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-ip32\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r4k-ip22\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r4k-ip22\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:56", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1915-1.", "cvss3": {}, "published": "2009-10-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1915-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3290", "CVE-2009-3002", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3286", "CVE-2009-2695"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66098", "href": "http://plugins.openvas.org/nasl.php?oid=66098", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1915_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1915-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege escalation.\nFor details, please visit the referenced security advisories.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1915-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201915-1\";\n\n\nif(description)\n{\n script_id(66098);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)\");\n script_cve_id(\"CVE-2009-2695\", \"CVE-2009-2903\", \"CVE-2009-2908\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3286\", \"CVE-2009-3290\", \"CVE-2009-3613\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1915-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-ip32\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mips\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-ip32\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r4k-ip22\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r4k-ip22\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-19lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:02", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1929-1.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1929-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-1883", "CVE-2009-3238", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-2909", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66209", "href": "http://plugins.openvas.org/nasl.php?oid=66209", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1929_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1929-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. \n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-26etch1.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1929-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201929-1\";\n\n\nif(description)\n{\n script_id(66209);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1883\", \"CVE-2009-2909\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1929-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.18-6\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-alpha\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-hppa\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-i386\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-ia64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-s390\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390-tape\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:40:02", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1929-1.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1929-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-1883", "CVE-2009-3238", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-2909", "CVE-2009-3228", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066209", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066209", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1929_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1929-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, sensitive memory leak or privilege\nescalation. \n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-26etch1.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1929-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201929-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66209\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1883\", \"CVE-2009-2909\", \"CVE-2009-3001\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1929-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.18-6\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.18\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-alpha\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-hppa\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-i386\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-ia64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-powerpc\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-s390\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390-tape\", ver:\"2.6.18.dfsg.1-26etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:38:49", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1541.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\npipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\nbe released by other processes before it is used to update the pipe's\nreader and writer counters. This could lead to a local denial of service or\nprivilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported\npatch to correct these issues. The system must be rebooted for this update\nto take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1541", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066175", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066175", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1541.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1541 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1541.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\npipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\nbe released by other processes before it is used to update the pipe's\nreader and writer counters. This could lead to a local denial of service or\nprivilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported\npatch to correct these issues. The system must be rebooted for this update\nto take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66175\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1541\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1541.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:36", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1541.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1541 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066218", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066218", "sourceData": "#CESA-2009:1541 66218 2\n# $Id: ovcesa2009_1541.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1541 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1541\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1541\nhttps://rhn.redhat.com/errata/RHSA-2009-1541.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1541.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66218\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1541 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:12", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1541.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\npipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\nbe released by other processes before it is used to update the pipe's\nreader and writer counters. This could lead to a local denial of service or\nprivilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported\npatch to correct these issues. The system must be rebooted for this update\nto take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1541", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66175", "href": "http://plugins.openvas.org/nasl.php?oid=66175", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1541.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1541 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1541.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\npipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\nbe released by other processes before it is used to update the pipe's\nreader and writer counters. This could lead to a local denial of service or\nprivilege escalation. (CVE-2009-3547, Important)\n\nUsers should upgrade to these updated packages, which contain a backported\npatch to correct these issues. The system must be rebooted for this update\nto take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66175);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1541\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1541.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.16.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:44", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1541 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880808", "href": "http://plugins.openvas.org/nasl.php?oid=880808", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1541 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * a NULL pointer dereference flaw was found in each of the following\n functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\n be released by other processes before it is used to update the pipe's\n reader and writer counters. This could lead to a local denial of service or\n privilege escalation. (CVE-2009-3547, Important)\n \n Users should upgrade to these updated packages, which contain a backported\n patch to correct these issues. The system must be rebooted for this update\n to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-November/016302.html\");\n script_id(880808);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1541\");\n script_cve_id(\"CVE-2009-3547\");\n script_name(\"CentOS Update for kernel CESA-2009:1541 centos4 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1541 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880808", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880808", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1541 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-November/016302.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880808\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1541\");\n script_cve_id(\"CVE-2009-3547\");\n script_name(\"CentOS Update for kernel CESA-2009:1541 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 4\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * a NULL pointer dereference flaw was found in each of the following\n functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\n pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\n be released by other processes before it is used to update the pipe's\n reader and writer counters. This could lead to a local denial of service or\n privilege escalation. (CVE-2009-3547, Important)\n\n Users should upgrade to these updated packages, which contain a backported\n patch to correct these issues. The system must be rebooted for this update\n to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:57:13", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1541.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1541 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3547"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66218", "href": "http://plugins.openvas.org/nasl.php?oid=66218", "sourceData": "#CESA-2009:1541 66218 2\n# $Id: ovcesa2009_1541.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1541 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1541\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1541\nhttps://rhn.redhat.com/errata/RHSA-2009-1541.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1541.\";\n\n\n\nif(description)\n{\n script_id(66218);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3547\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1541 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.16.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:29", "description": "The remote host is missing updates to the Linux kernel announced in\nadvisory RHSA-2009:1106.\n\nSecurity fixes:\n\n* several flaws were found in the way the Linux kernel CIFS implementation\nhandles Unicode strings. CIFS clients convert Unicode strings sent by a\nserver to their local character sets, and then write those strings into\nmemory. If a malicious server sent a long enough string, it could write\npast the end of the target memory region and corrupt other memory areas,\npossibly leading to a denial of service or privilege escalation on the\nclient mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* Frank Filz reported the NFSv4 client was missing a file permission check\nfor the execute bit in some situations. This could allow local,\nunprivileged users to run non-executable files on NFSv4 mounted file\nsystems. (CVE-2009-1630, Moderate)\n\n* a missing check was found in the hypervisor_callback() function in the\nLinux kernel provided by the kernel-xen package. This could cause a denial\nof service of a 32-bit guest if an application running in that guest\naccesses a certain memory location in the kernel. (CVE-2009-1758, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nFor further information on bug fixes also addressed in this\nupdate, please visit the referenced advisories.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064213", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064213", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1106.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1106 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the Linux kernel announced in\nadvisory RHSA-2009:1106.\n\nSecurity fixes:\n\n* several flaws were found in the way the Linux kernel CIFS implementation\nhandles Unicode strings. CIFS clients convert Unicode strings sent by a\nserver to their local character sets, and then write those strings into\nmemory. If a malicious server sent a long enough string, it could write\npast the end of the target memory region and corrupt other memory areas,\npossibly leading to a denial of service or privilege escalation on the\nclient mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* Frank Filz reported the NFSv4 client was missing a file permission check\nfor the execute bit in some situations. This could allow local,\nunprivileged users to run non-executable files on NFSv4 mounted file\nsystems. (CVE-2009-1630, Moderate)\n\n* a missing check was found in the hypervisor_callback() function in the\nLinux kernel provided by the kernel-xen package. This could cause a denial\nof service of a 32-bit guest if an application running in that guest\naccesses a certain memory location in the kernel. (CVE-2009-1758, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nFor further information on bug fixes also addressed in this\nupdate, please visit the referenced advisories.\";\n\ntag_solution = \"Users should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64213\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1106\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1106.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1106 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880750", "href": "http://plugins.openvas.org/nasl.php?oid=880750", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1106 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * several flaws were found in the way the Linux kernel CIFS implementation\n handles Unicode strings. CIFS clients convert Unicode strings sent by a\n server to their local character sets, and then write those strings into\n memory. If a malicious server sent a long enough string, it could write\n past the end of the target memory region and corrupt other memory areas,\n possibly leading to a denial of service or privilege escalation on the\n client mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important)\n \n * the Linux kernel Network File System daemon (nfsd) implementation did not\n drop the CAP_MKNOD capability when handling requests from local,\n unprivileged users. This flaw could possibly lead to an information leak or\n privilege escalation. (CVE-2009-1072, Moderate)\n \n * Frank Filz reported the NFSv4 client was missing a file permission check\n for the execute bit in some situations. This could allow local,\n unprivileged users to run non-executable files on NFSv4 mounted file\n systems. (CVE-2009-1630, Moderate)\n \n * a missing check was found in the hypervisor_callback() function in the\n Linux kernel provided by the kernel-xen package. This could cause a denial\n of service of a 32-bit guest if an application running in that guest\n accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate)\n \n * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\n agp_generic_alloc_pages() functions did not zero out the memory pages they\n allocate, which may later be available to user-space processes. This flaw\n could possibly lead to an information leak. (CVE-2009-1192, Low)\n \n Bug fixes:\n \n * a race in the NFS client between destroying cached access rights and\n unmounting an NFS file system could have caused a system crash. "Busy\n inodes" messages may have been logged. (BZ#498653)\n \n * nanosleep() could sleep several milliseconds less than the specified time\n on Intel Itanium-based systems. (BZ#500349)\n \n * LEDs for disk drives in AHCI mode may have displayed a fault state when\n there were no faults. (BZ#500120)\n \n * ptrace_do_wait() reported tasks were stopped each time the process doing\n the trace called wait(), instead of reporting it once. (BZ#486945)\n \n * epoll_wait() may have caused a system lockup and problems for\n applications. (BZ#497322)\n \n * missing capabilities could possibly allow users with an fsuid other than\n 0 to perform actions on some file system types that would otherwise be\n pr ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-June/015975.html\");\n script_id(880750);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1106\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\");\n script_name(\"CentOS Update for kernel CESA-2009:1106 centos5 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:43", "description": "The remote host is missing updates to the Linux kernel announced in\nadvisory RHSA-2009:1106.\n\nSecurity fixes:\n\n* several flaws were found in the way the Linux kernel CIFS implementation\nhandles Unicode strings. CIFS clients convert Unicode strings sent by a\nserver to their local character sets, and then write those strings into\nmemory. If a malicious server sent a long enough string, it could write\npast the end of the target memory region and corrupt other memory areas,\npossibly leading to a denial of service or privilege escalation on the\nclient mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* Frank Filz reported the NFSv4 client was missing a file permission check\nfor the execute bit in some situations. This could allow local,\nunprivileged users to run non-executable files on NFSv4 mounted file\nsystems. (CVE-2009-1630, Moderate)\n\n* a missing check was found in the hypervisor_callback() function in the\nLinux kernel provided by the kernel-xen package. This could cause a denial\nof service of a 32-bit guest if an application running in that guest\naccesses a certain memory location in the kernel. (CVE-2009-1758, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nFor further information on bug fixes also addressed in this\nupdate, please visit the referenced advisories.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64213", "href": "http://plugins.openvas.org/nasl.php?oid=64213", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1106.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1106 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the Linux kernel announced in\nadvisory RHSA-2009:1106.\n\nSecurity fixes:\n\n* several flaws were found in the way the Linux kernel CIFS implementation\nhandles Unicode strings. CIFS clients convert Unicode strings sent by a\nserver to their local character sets, and then write those strings into\nmemory. If a malicious server sent a long enough string, it could write\npast the end of the target memory region and corrupt other memory areas,\npossibly leading to a denial of service or privilege escalation on the\nclient mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* Frank Filz reported the NFSv4 client was missing a file permission check\nfor the execute bit in some situations. This could allow local,\nunprivileged users to run non-executable files on NFSv4 mounted file\nsystems. (CVE-2009-1630, Moderate)\n\n* a missing check was found in the hypervisor_callback() function in the\nLinux kernel provided by the kernel-xen package. This could cause a denial\nof service of a 32-bit guest if an application running in that guest\naccesses a certain memory location in the kernel. (CVE-2009-1758, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nFor further information on bug fixes also addressed in this\nupdate, please visit the referenced advisories.\";\n\ntag_solution = \"Users should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\nif(description)\n{\n script_id(64213);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1106\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1106.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.18~128.1.14.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:14", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1106.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1106 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64270", "href": "http://plugins.openvas.org/nasl.php?oid=64270", "sourceData": "#CESA-2009:1106 64270 2\n# $Id: ovcesa2009_1106.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1106 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1106\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1106\nhttps://rhn.redhat.com/errata/RHSA-2009-1106.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1106.\";\n\n\n\nif(description)\n{\n script_id(64270);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1106 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1106 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880750", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880750", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1106 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-June/015975.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880750\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1106\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\");\n script_name(\"CentOS Update for kernel CESA-2009:1106 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n\n * several flaws were found in the way the Linux kernel CIFS implementation\n handles Unicode strings. CIFS clients convert Unicode strings sent by a\n server to their local character sets, and then write those strings into\n memory. If a malicious server sent a long enough string, it could write\n past the end of the target memory region and corrupt other memory areas,\n possibly leading to a denial of service or privilege escalation on the\n client mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important)\n\n * the Linux kernel Network File System daemon (nfsd) implementation did not\n drop the CAP_MKNOD capability when handling requests from local,\n unprivileged users. This flaw could possibly lead to an information leak or\n privilege escalation. (CVE-2009-1072, Moderate)\n\n * Frank Filz reported the NFSv4 client was missing a file permission check\n for the execute bit in some situations. This could allow local,\n unprivileged users to run non-executable files on NFSv4 mounted file\n systems. (CVE-2009-1630, Moderate)\n\n * a missing check was found in the hypervisor_callback() function in the\n Linux kernel provided by the kernel-xen package. This could cause a denial\n of service of a 32-bit guest if an application running in that guest\n accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate)\n\n * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\n agp_generic_alloc_pages() functions did not zero out the memory pages they\n allocate, which may later be available to user-space processes. This flaw\n could possibly lead to an information leak. (CVE-2009-1192, Low)\n\n Bug fixes:\n\n * a race in the NFS client between destroying cached access rights and\n unmounting an NFS file system could have caused a system crash. 'Busy\n inodes' messages may have been logged. (BZ#498653)\n\n * nanosleep() could sleep several milliseconds less than the specified time\n on Intel Itanium-based systems. (BZ#500349)\n\n * LEDs for disk drives in AHCI mode may have displayed a fault state when\n there were no faults. (BZ#500120)\n\n * ptrace_do_wait() reported tasks were stopped each time the process doing\n the trace called wait(), instead of reporting it once. (BZ#486945)\n\n * epoll_wait() may have caused a system lockup and problems for\n applications. (BZ#497322)\n\n * missing capabilities could possibly allow users with an fsuid other than\n 0 to perform actions on some file system types that would otherwise be\n pr ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-04-06T11:40:42", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1106.", "cvss3": {}, "published": "2009-06-23T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1106 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064270", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064270", "sourceData": "#CESA-2009:1106 64270 2\n# $Id: ovcesa2009_1106.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1106 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1106\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1106\nhttps://rhn.redhat.com/errata/RHSA-2009-1106.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1106.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64270\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1106 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:11", "description": "The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-10639.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-10639 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3290", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3612", "CVE-2009-2847"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066133", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066133", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10639.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10639 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update to kernel 2.6.30.9. Upstream change logs:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.9\nAlso fixes:\n- Kernel stack randomization bug\n- NULL dereference in r128 driver\n- ftrace memory corruption on module unload\n- boot hanging on some systems\n- some latency problems caused by scheduler bugs\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10639\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-10639.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66133\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-2909\", \"CVE-2009-2908\", \"CVE-2009-2903\", \"CVE-2009-3290\", \"CVE-2009-2847\", \"CVE-2009-2910\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-10639 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=524124\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=528868\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=522331\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=527534\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=528887\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=526788\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~i586~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~i686~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~ppc~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~ppc64~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~x86_64~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:43", "description": "The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-10639.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-10639 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3290", "CVE-2009-2908", "CVE-2009-2903", "CVE-2009-2909", "CVE-2009-3612", "CVE-2009-2847"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66133", "href": "http://plugins.openvas.org/nasl.php?oid=66133", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_10639.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-10639 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update to kernel 2.6.30.9. Upstream change logs:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.9\nAlso fixes:\n- Kernel stack randomization bug\n- NULL dereference in r128 driver\n- ftrace memory corruption on module unload\n- boot hanging on some systems\n- some latency problems caused by scheduler bugs\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10639\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-10639.\";\n\n\n\nif(description)\n{\n script_id(66133);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-2909\", \"CVE-2009-2908\", \"CVE-2009-2903\", \"CVE-2009-3290\", \"CVE-2009-2847\", \"CVE-2009-2910\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-10639 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=524124\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=528868\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=522331\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=527534\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=528887\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=526788\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~i586~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~i686~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~ppc~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~ppc64~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~x86_64~2.6.30.9\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.30.9~90.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:51", "description": "The remote host is missing an update to kernel\nannounced via advisory MDVSA-2009:301.", "cvss3": {}, "published": "2009-11-23T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:301 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3638", "CVE-2009-3547", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3612"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066289", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066289", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_301.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:301 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Some vulnerabilities were discovered and corrected in the Linux\n2.6 kernel:\n\nMemory leak in the appletalk subsystem in the Linux kernel 2.4.x\nthrough 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and\nipddp modules are loaded but the ipddpN device is not found, allows\nremote attackers to cause a denial of service (memory consumption)\nvia IP-DDP datagrams. (CVE-2009-2903)\n\nMultiple race conditions in fs/pipe.c in the Linux kernel before\n2.6.32-rc6 allow local users to cause a denial of service (NULL pointer\ndereference and system crash) or gain privileges by attempting to\nopen an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)\n\nThe tcf_fill_node function in net/sched/cls_api.c in the netlink\nsubsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6\nand earlier, does not initialize a certain tcm__pad2 structure member,\nwhich might allow local users to obtain sensitive information from\nkernel memory via unspecified vectors. NOTE: this issue exists\nbecause of an incomplete fix for CVE-2005-4881. (CVE-2009-3612)\n\nnet/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows\nlocal users to cause a denial of service (system hang) by creating an\nabstract-namespace AF_UNIX listening socket, performing a shutdown\noperation on this socket, and then performing a series of connect\noperations to this socket. (CVE-2009-3621)\n\nInteger overflow in the kvm_dev_ioctl_get_supported_cpuid function\nin arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel\nbefore 2.6.31.4 allows local users to have an unspecified impact\nvia a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl\nfunction. (CVE-2009-3638)\n\nThe nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in\nthe Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause\na denial of service (NULL pointer dereference and panic) by sending a\ncertain response containing incorrect file attributes, which trigger\nattempted use of an open file that lacks NFSv4 state. (CVE-2009-3726)\n\nAdditionally, it includes the fixes from the stable kernel version\n2.6.27.39. It also fixes issues with the bnx2 module in which the\nmachine could become unresponsive. For details, see the package\nchangelog.\n\nTo update your kernel, please follow the directions located at:\n\nhttp://www.mandriva.com/en/security/kernelupdate\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:301\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory MDVSA-2009:301.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66289\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-2903\", \"CVE-2009-3547\", \"CVE-2005-4881\", \"CVE-2009-3612\", \"CVE-2009-3621\", \"CVE-2009-3638\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:301 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.39-desktop-1mnb\", rpm:\"drm-experimental-kernel-2.6.27.39-desktop-1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"drm-experimental-kernel-2.6.27.39-desktop586-1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.39-server-1mnb\", rpm:\"drm-experimental-kernel-2.6.27.39-server-1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20091119.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20091119.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20091119.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.39-desktop-1mnb\", rpm:\"fglrx-kernel-2.6.27.39-desktop-1mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"fglrx-kernel-2.6.27.39-desktop586-1mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.39-server-1mnb\", rpm:\"fglrx-kernel-2.6.27.39-server-1mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.39-desktop-1mnb\", rpm:\"iscsitarget-kernel-2.6.27.39-desktop-1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"iscsitarget-kernel-2.6.27.39-desktop586-1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.39-server-1mnb\", rpm:\"iscsitarget-kernel-2.6.27.39-server-1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-2.6.27.39-1mnb\", rpm:\"kernel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-2.6.27.39-1mnb\", rpm:\"kernel-desktop-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-2.6.27.39-1mnb\", rpm:\"kernel-desktop586-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-2.6.27.39-1mnb\", rpm:\"kernel-desktop586-devel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-devel-2.6.27.39-1mnb\", rpm:\"kernel-desktop-devel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-2.6.27.39-1mnb\", rpm:\"kernel-server-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-devel-2.6.27.39-1mnb\", rpm:\"kernel-server-devel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-2.6.27.39-1mnb\", rpm:\"kernel-source-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.39-desktop-1mnb\", rpm:\"kqemu-kernel-2.6.27.39-desktop-1mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"kqemu-kernel-2.6.27.39-desktop586-1mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.39-server-1mnb\", rpm:\"kqemu-kernel-2.6.27.39-server-1mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20091119.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20091119.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20091119.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-desktop-1mnb\", rpm:\"libafs-kernel-2.6.27.39-desktop-1mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"libafs-kernel-2.6.27.39-desktop586-1mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-server-1mnb\", rpm:\"libafs-kernel-2.6.27.39-server-1mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-desktop586-latest\", rpm:\"libafs-kernel-desktop586-latest~1.4.7~1.20091119.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20091119.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20091119.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.39-desktop-1mnb\", rpm:\"madwifi-kernel-2.6.27.39-desktop-1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"madwifi-kernel-2.6.27.39-desktop586-1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.39-server-1mnb\", rpm:\"madwifi-kernel-2.6.27.39-server-1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20091119.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20091119.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20091119.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia173-kernel-2.6.27.39-desktop-1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia173-kernel-2.6.27.39-desktop586-1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia71xx-kernel-2.6.27.39-desktop-1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia71xx-kernel-2.6.27.39-desktop586-1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.39-server-1mnb\", rpm:\"nvidia71xx-kernel-2.6.27.39-server-1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia96xx-kernel-2.6.27.39-desktop-1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia96xx-kernel-2.6.27.39-desktop586-1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.39-server-1mnb\", rpm:\"nvidia96xx-kernel-2.6.27.39-server-1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia-current-kernel-2.6.27.39-desktop-1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia-current-kernel-2.6.27.39-desktop586-1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.39-server-1mnb\", rpm:\"nvidia-current-kernel-2.6.27.39-server-1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20091119.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20091119.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20091119.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.39-desktop-1mnb\", rpm:\"vpnclient-kernel-2.6.27.39-desktop-1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"vpnclient-kernel-2.6.27.39-desktop586-1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.39-server-1mnb\", rpm:\"vpnclient-kernel-2.6.27.39-server-1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-desktop-1mnb\", rpm:\"libafs-kernel-2.6.27.39-desktop-1mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-server-1mnb\", rpm:\"libafs-kernel-2.6.27.39-server-1mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20091119.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20091119.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:38", "description": "The remote host is missing an update to kernel\nannounced via advisory MDVSA-2009:301.", "cvss3": {}, "published": "2009-11-23T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:301 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3638", "CVE-2009-3547", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3612"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66289", "href": "http://plugins.openvas.org/nasl.php?oid=66289", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_301.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:301 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Some vulnerabilities were discovered and corrected in the Linux\n2.6 kernel:\n\nMemory leak in the appletalk subsystem in the Linux kernel 2.4.x\nthrough 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and\nipddp modules are loaded but the ipddpN device is not found, allows\nremote attackers to cause a denial of service (memory consumption)\nvia IP-DDP datagrams. (CVE-2009-2903)\n\nMultiple race conditions in fs/pipe.c in the Linux kernel before\n2.6.32-rc6 allow local users to cause a denial of service (NULL pointer\ndereference and system crash) or gain privileges by attempting to\nopen an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)\n\nThe tcf_fill_node function in net/sched/cls_api.c in the netlink\nsubsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6\nand earlier, does not initialize a certain tcm__pad2 structure member,\nwhich might allow local users to obtain sensitive information from\nkernel memory via unspecified vectors. NOTE: this issue exists\nbecause of an incomplete fix for CVE-2005-4881. (CVE-2009-3612)\n\nnet/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows\nlocal users to cause a denial of service (system hang) by creating an\nabstract-namespace AF_UNIX listening socket, performing a shutdown\noperation on this socket, and then performing a series of connect\noperations to this socket. (CVE-2009-3621)\n\nInteger overflow in the kvm_dev_ioctl_get_supported_cpuid function\nin arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel\nbefore 2.6.31.4 allows local users to have an unspecified impact\nvia a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl\nfunction. (CVE-2009-3638)\n\nThe nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in\nthe Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause\na denial of service (NULL pointer dereference and panic) by sending a\ncertain response containing incorrect file attributes, which trigger\nattempted use of an open file that lacks NFSv4 state. (CVE-2009-3726)\n\nAdditionally, it includes the fixes from the stable kernel version\n2.6.27.39. It also fixes issues with the bnx2 module in which the\nmachine could become unresponsive. For details, see the package\nchangelog.\n\nTo update your kernel, please follow the directions located at:\n\nhttp://www.mandriva.com/en/security/kernelupdate\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:301\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory MDVSA-2009:301.\";\n\n \n\nif(description)\n{\n script_id(66289);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-23 20:51:51 +0100 (Mon, 23 Nov 2009)\");\n script_cve_id(\"CVE-2009-2903\", \"CVE-2009-3547\", \"CVE-2005-4881\", \"CVE-2009-3612\", \"CVE-2009-3621\", \"CVE-2009-3638\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:301 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.39-desktop-1mnb\", rpm:\"drm-experimental-kernel-2.6.27.39-desktop-1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"drm-experimental-kernel-2.6.27.39-desktop586-1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.39-server-1mnb\", rpm:\"drm-experimental-kernel-2.6.27.39-server-1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20091119.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20091119.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20091119.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.39-desktop-1mnb\", rpm:\"fglrx-kernel-2.6.27.39-desktop-1mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"fglrx-kernel-2.6.27.39-desktop586-1mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.39-server-1mnb\", rpm:\"fglrx-kernel-2.6.27.39-server-1mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.39-desktop-1mnb\", rpm:\"iscsitarget-kernel-2.6.27.39-desktop-1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"iscsitarget-kernel-2.6.27.39-desktop586-1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.39-server-1mnb\", rpm:\"iscsitarget-kernel-2.6.27.39-server-1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-2.6.27.39-1mnb\", rpm:\"kernel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-2.6.27.39-1mnb\", rpm:\"kernel-desktop-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-2.6.27.39-1mnb\", rpm:\"kernel-desktop586-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-2.6.27.39-1mnb\", rpm:\"kernel-desktop586-devel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-devel-2.6.27.39-1mnb\", rpm:\"kernel-desktop-devel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-2.6.27.39-1mnb\", rpm:\"kernel-server-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-devel-2.6.27.39-1mnb\", rpm:\"kernel-server-devel-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-2.6.27.39-1mnb\", rpm:\"kernel-source-2.6.27.39-1mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.39~1mnb2\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.39-desktop-1mnb\", rpm:\"kqemu-kernel-2.6.27.39-desktop-1mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"kqemu-kernel-2.6.27.39-desktop586-1mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.39-server-1mnb\", rpm:\"kqemu-kernel-2.6.27.39-server-1mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20091119.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20091119.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20091119.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-desktop-1mnb\", rpm:\"libafs-kernel-2.6.27.39-desktop-1mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"libafs-kernel-2.6.27.39-desktop586-1mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-server-1mnb\", rpm:\"libafs-kernel-2.6.27.39-server-1mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-desktop586-latest\", rpm:\"libafs-kernel-desktop586-latest~1.4.7~1.20091119.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20091119.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20091119.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.39-desktop-1mnb\", rpm:\"madwifi-kernel-2.6.27.39-desktop-1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"madwifi-kernel-2.6.27.39-desktop586-1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.39-server-1mnb\", rpm:\"madwifi-kernel-2.6.27.39-server-1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20091119.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20091119.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20091119.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia173-kernel-2.6.27.39-desktop-1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia173-kernel-2.6.27.39-desktop586-1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20091119.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia71xx-kernel-2.6.27.39-desktop-1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia71xx-kernel-2.6.27.39-desktop586-1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.39-server-1mnb\", rpm:\"nvidia71xx-kernel-2.6.27.39-server-1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia96xx-kernel-2.6.27.39-desktop-1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia96xx-kernel-2.6.27.39-desktop586-1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.39-server-1mnb\", rpm:\"nvidia96xx-kernel-2.6.27.39-server-1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20091119.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.39-desktop-1mnb\", rpm:\"nvidia-current-kernel-2.6.27.39-desktop-1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"nvidia-current-kernel-2.6.27.39-desktop586-1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.39-server-1mnb\", rpm:\"nvidia-current-kernel-2.6.27.39-server-1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20091119.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20091119.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20091119.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.39-desktop-1mnb\", rpm:\"vpnclient-kernel-2.6.27.39-desktop-1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.39-desktop586-1mnb\", rpm:\"vpnclient-kernel-2.6.27.39-desktop586-1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.39-server-1mnb\", rpm:\"vpnclient-kernel-2.6.27.39-server-1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20091119.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-desktop-1mnb\", rpm:\"libafs-kernel-2.6.27.39-desktop-1mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.39-server-1mnb\", rpm:\"libafs-kernel-2.6.27.39-server-1mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20091119.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20091119.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:15", "description": "Oracle Linux Local Security Checks ELSA-2009-1106", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1758", "CVE-2009-3238", "CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1633", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122474", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122474", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1106.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122474\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:10 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1106\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1106 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1106\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1106.html\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1758\", \"CVE-2009-3238\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.14.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5~1.4.2~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5PAE~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5PAE~1.4.2~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5debug~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5debug~1.4.2~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5xen~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.14.0.1.el5xen~1.4.2~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.14.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.14.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.14.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.14.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-04-06T11:40:09", "description": "The remote host is missing updates to kernel-rt packages announced in\nadvisory RHSA-2009:1540.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nThese updated packages also include bug fixes and enhancements. Users are\ndirected to the Realtime Security Update Release Notes for version 1.1 for\ninformation on these changes, which will be available shortly from:\n\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add enhancements. The system must be\nrebooted for this update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1540", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-1895", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3612", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2691"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066174", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066174", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1540.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1540 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\n\nhttp://rhn.redhat.com/errata/RHSA-2009-1540.html\nhttp://www.redhat.com/security/updates/classification/#important\nhttp://kbase.redhat.com/faq/docs/DOC-18042\nhttp://kbase.redhat.com/faq/docs/DOC-17866\nhttp://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\";\n\ntag_summary = \"The remote host is missing updates to kernel-rt packages announced in\nadvisory RHSA-2009:1540.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nThese updated packages also include bug fixes and enhancements. Users are\ndirected to the Realtime Security Update Release Notes for version 1.1 for\ninformation on these changes, which will be available shortly from:\n\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add enhancements. The system must be\nrebooted for this update to take effect.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66174\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3001\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1540\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:40", "description": "The remote host is missing updates to kernel-rt packages announced in\nadvisory RHSA-2009:1540.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nThese updated packages also include bug fixes and enhancements. Users are\ndirected to the Realtime Security Update Release Notes for version 1.1 for\ninformation on these changes, which will be available shortly from:\n\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add enhancements. The system must be\nrebooted for this update to take effect.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1540", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-1895", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3001", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-3228", "CVE-2009-3612", "CVE-2009-2695", "CVE-2009-2849", "CVE-2009-2691"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66174", "href": "http://plugins.openvas.org/nasl.php?oid=66174", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1540.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1540 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\n\nhttp://rhn.redhat.com/errata/RHSA-2009-1540.html\nhttp://www.redhat.com/security/updates/classification/#important\nhttp://kbase.redhat.com/faq/docs/DOC-18042\nhttp://kbase.redhat.com/faq/docs/DOC-17866\nhttp://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\";\n\ntag_summary = \"The remote host is missing updates to kernel-rt packages announced in\nadvisory RHSA-2009:1540.\n\nFor details on the issues addressed in this update, please visit\nthe referenced security advisories.\n\nThese updated packages also include bug fixes and enhancements. Users are\ndirected to the Realtime Security Update Release Notes for version 1.1 for\ninformation on these changes, which will be available shortly from:\n\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add enhancements. The system must be\nrebooted for this update to take effect.\";\n\n\n\nif(description)\n{\n script_id(66174);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-1895\", \"CVE-2009-2691\", \"CVE-2009-2695\", \"CVE-2009-2849\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3228\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3001\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1540\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~137.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:52", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1635.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a NULL pointer dereference flaw was found in the NFSv4 implementation in\nthe Linux kernel. Several of the NFSv4 file locking functions failed to\ncheck whether a file had been opened on the server before performing\nlocking operations on it. A local user on a system with an NFSv4 share\nmounted could possibly use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2009-3726, Important)\n\n* permission issues were found in the megaraid_sas driver (for SAS based\nRAID controllers) in the Linux kernel. The dbg_lvl and poll_mode_io\nfiles on the sysfs file system (/sys/) had world-writable permissions.\nThis could allow local, unprivileged users to change the behavior of the\ndriver. (CVE-2009-3889, CVE-2009-3939, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1635", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3939", "CVE-2009-3726", "CVE-2009-3889"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066356", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066356", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1635.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1635 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1635.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a NULL pointer dereference flaw was found in the NFSv4 implementation in\nthe Linux kernel. Several of the NFSv4 file locking functions failed to\ncheck whether a file had been opened on the server before performing\nlocking operations on it. A local user on a system with an NFSv4 share\nmounted could possibly use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2009-3726, Important)\n\n* permission issues were found in the megaraid_sas driver (for SAS based\nRAID controllers) in the Linux kernel. The dbg_lvl and poll_mode_io\nfiles on the sysfs file system (/sys/) had world-writable permissions.\nThis could allow local, unprivileged users to change the behavior of the\ndriver. (CVE-2009-3889, CVE-2009-3939, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66356\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-3726\", \"CVE-2009-3889\", \"CVE-2009-3939\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1635\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1635.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:12", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1635.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a NULL pointer dereference flaw was found in the NFSv4 implementation in\nthe Linux kernel. Several of the NFSv4 file locking functions failed to\ncheck whether a file had been opened on the server before performing\nlocking operations on it. A local user on a system with an NFSv4 share\nmounted could possibly use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2009-3726, Important)\n\n* permission issues were found in the megaraid_sas driver (for SAS based\nRAID controllers) in the Linux kernel. The dbg_lvl and poll_mode_io\nfiles on the sysfs file system (/sys/) had world-writable permissions.\nThis could allow local, unprivileged users to change the behavior of the\ndriver. (CVE-2009-3889, CVE-2009-3939, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.", "cvss3": {}, "published": "2009-12-10T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1635", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3939", "CVE-2009-3726", "CVE-2009-3889"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66356", "href": "http://plugins.openvas.org/nasl.php?oid=66356", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1635.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1635 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1635.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a NULL pointer dereference flaw was found in the NFSv4 implementation in\nthe Linux kernel. Several of the NFSv4 file locking functions failed to\ncheck whether a file had been opened on the server before performing\nlocking operations on it. A local user on a system with an NFSv4 share\nmounted could possibly use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2009-3726, Important)\n\n* permission issues were found in the megaraid_sas driver (for SAS based\nRAID controllers) in the Linux kernel. The dbg_lvl and poll_mode_io\nfiles on the sysfs file system (/sys/) had world-writable permissions.\nThis could allow local, unprivileged users to change the behavior of the\ndriver. (CVE-2009-3889, CVE-2009-3939, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66356);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-3726\", \"CVE-2009-3889\", \"CVE-2009-3939\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1635\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1635.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~139.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:27", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2010:0474-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1437", "CVE-2009-3726", "CVE-2010-1173"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:870277", "href": "http://plugins.openvas.org/nasl.php?oid=870277", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2010:0474-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * a NULL pointer dereference flaw was found in the Linux kernel NFSv4\n implementation. Several of the NFSv4 file locking functions failed to check\n whether a file had been opened on the server before performing locking\n operations on it. A local, unprivileged user on a system with an NFSv4\n share mounted could possibly use this flaw to cause a kernel panic (denial\n of service) or escalate their privileges. (CVE-2009-3726, Important)\n \n * a flaw was found in the sctp_process_unk_param() function in the Linux\n kernel Stream Control Transmission Protocol (SCTP) implementation. A remote\n attacker could send a specially-crafted SCTP packet to an SCTP listening\n port on a target system, causing a kernel panic (denial of service).\n (CVE-2010-1173, Important)\n \n * a race condition between finding a keyring by name and destroying a freed\n keyring was found in the Linux kernel key management facility. A local,\n unprivileged user could use this flaw to cause a kernel panic (denial of\n service) or escalate their privileges. (CVE-2010-1437, Important)\n \n Red Hat would like to thank Simon Vallet for responsibly reporting\n CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia\n Siemens Networks, and Wind River on behalf of their customer, for\n responsibly reporting CVE-2010-1173.\n \n Bug fixes:\n \n * RHBA-2007:0791 introduced a regression in the Journaling Block Device\n (JBD). Under certain circumstances, removing a large file (such as 300 MB\n or more) did not result in inactive memory being freed, leading to the\n system having a large amount of inactive memory. Now, the memory is\n correctly freed. (BZ#589155)\n \n * the timer_interrupt() routine did not scale lost real ticks to logical\n ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise\n Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the\n "divider=x" kernel parameter set to a value greater than 1. "warning: many\n lost ticks" messages may have been logged on the affected guest systems.\n (BZ#590551)\n \n * a bug could have prevented NFSv3 clients from having the most up-to-date\n file attributes for files on a given NFSv3 file system. In cases where a\n file type changed, such as if a file was removed and replaced with a\n directory of the same name, the NFSv3 client may not have noticed this\n change until stat(2) was ca ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-June/msg00009.html\");\n script_id(870277);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0474-01\");\n script_cve_id(\"CVE-2009-3726\", \"CVE-2010-1173\", \"CVE-2010-1437\");\n script_name(\"RedHat Update for kernel RHSA-2010:0474-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:05:41", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2010:0474-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1437", "CVE-2009-3726", "CVE-2010-1173"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:1361412562310870277", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870277", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2010:0474-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * a NULL pointer dereference flaw was found in the Linux kernel NFSv4\n implementation. Several of the NFSv4 file locking functions failed to check\n whether a file had been opened on the server before performing locking\n operations on it. A local, unprivileged user on a system with an NFSv4\n share mounted could possibly use this flaw to cause a kernel panic (denial\n of service) or escalate their privileges. (CVE-2009-3726, Important)\n \n * a flaw was found in the sctp_process_unk_param() function in the Linux\n kernel Stream Control Transmission Protocol (SCTP) implementation. A remote\n attacker could send a specially-crafted SCTP packet to an SCTP listening\n port on a target system, causing a kernel panic (denial of service).\n (CVE-2010-1173, Important)\n \n * a race condition between finding a keyring by name and destroying a freed\n keyring was found in the Linux kernel key management facility. A local,\n unprivileged user could use this flaw to cause a kernel panic (denial of\n service) or escalate their privileges. (CVE-2010-1437, Important)\n \n Red Hat would like to thank Simon Vallet for responsibly reporting\n CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia\n Siemens Networks, and Wind River on behalf of their customer, for\n responsibly reporting CVE-2010-1173.\n \n Bug fixes:\n \n * RHBA-2007:0791 introduced a regression in the Journaling Block Device\n (JBD). Under certain circumstances, removing a large file (such as 300 MB\n or more) did not result in inactive memory being freed, leading to the\n system having a large amount of inactive memory. Now, the memory is\n correctly freed. (BZ#589155)\n \n * the timer_interrupt() routine did not scale lost real ticks to logical\n ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise\n Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the\n "divider=x" kernel parameter set to a value greater than 1. "warning: many\n lost ticks" messages may have been logged on the affected guest systems.\n (BZ#590551)\n \n * a bug could have prevented NFSv3 clients from having the most up-to-date\n file attributes for files on a given NFSv3 file system. In cases where a\n file type changed, such as if a file was removed and replaced with a\n directory of the same name, the NFSv3 client may not have noticed this\n change until stat(2) was ca ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-June/msg00009.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870277\");\n script_version(\"$Revision: 8528 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2010:0474-01\");\n script_cve_id(\"CVE-2009-3726\", \"CVE-2010-1173\", \"CVE-2010-1437\");\n script_name(\"RedHat Update for kernel RHSA-2010:0474-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.26.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:08", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2010:0474 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1437", "CVE-2009-3726", "CVE-2010-1173"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:880414", "href": "http://plugins.openvas.org/nasl.php?oid=880414", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2010:0474 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n\n * a NULL pointer dereference flaw was found in the Linux kernel NFSv4\n implementation. Several of the NFSv4 file locking functions failed to check\n whether a file had been opened on the server before performing locking\n operations on it. A local, unprivileged user on a system with an NFSv4\n share mounted could possibly use this flaw to cause a kernel panic (denial\n of service) or escalate their privileges. (CVE-2009-3726, Important)\n\n * a flaw was found in the sctp_process_unk_param() function in the Linux\n kernel Stream Control Transmission Protocol (SCTP) implementation. A remote\n attacker could send a specially-crafted SCTP packet to an SCTP listening\n port on a target system, causing a kernel panic (denial of service).\n (CVE-2010-1173, Important)\n\n * a race condition between finding a keyring by name and destroying a freed\n keyring was found in the Linux kernel key management facility. A local,\n unprivileged user could use this flaw to cause a kernel panic (denial of\n service) or escalate their privileges. (CVE-2010-1437, Important)\n\n Red Hat would like to thank Simon Vallet for responsibly reporting\n CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia\n Siemens Networks, and Wind River on behalf of their customer, for\n responsibly reporting CVE-2010-1173.\n\n Bug fixes:\n\n * RHBA-2007:0791 introduced a regression in the Journaling Block Device\n (JBD). Under certain circumstances, removing a large file (such as 300 MB\n or more) did not result in inactive memory being freed, leading to the\n system having a large amount of inactive memory. Now, the memory is\n correctly freed. (BZ#589155)\n\n * the timer_interrupt() routine did not scale lost real ticks to logical\n ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise\n Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the\n "divider=x" kernel parameter set to a value greater than 1. "warning: many\n lost ticks" messages may have been logged on the affected guest systems.\n (BZ#590551)\n\n * a bug could have prevented NFSv3 clients from having the most up-to-date\n file attributes for files on a given NFSv3 file system. In cases where a\n file type changed, such as if a file was removed and replaced with a\n directory of the same name, the NFSv3 client may not have noticed this\n change until stat(2) was called (for example, by running "ls -l").\n (BZ#596372)\n\n * RHBA-2007:0791 introduced bugs in the Li ...\n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016934.html\");\n script_id(880414);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0474\");\n script_cve_id(\"CVE-2009-3726\", \"CVE-2010-1173\", \"CVE-2010-1437\");\n script_name(\"CentOS Update for kernel CESA-2010:0474 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:35", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2010:0474 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1437", "CVE-2009-3726", "CVE-2010-1173"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310880414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880414", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2010:0474 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n\n * a NULL pointer dereference flaw was found in the Linux kernel NFSv4\n implementation. Several of the NFSv4 file locking functions failed to check\n whether a file had been opened on the server before performing locking\n operations on it. A local, unprivileged user on a system with an NFSv4\n share mounted could possibly use this flaw to cause a kernel panic (denial\n of service) or escalate their privileges. (CVE-2009-3726, Important)\n\n * a flaw was found in the sctp_process_unk_param() function in the Linux\n kernel Stream Control Transmission Protocol (SCTP) implementation. A remote\n attacker could send a specially-crafted SCTP packet to an SCTP listening\n port on a target system, causing a kernel panic (denial of service).\n (CVE-2010-1173, Important)\n\n * a race condition between finding a keyring by name and destroying a freed\n keyring was found in the Linux kernel key management facility. A local,\n unprivileged user could use this flaw to cause a kernel panic (denial of\n service) or escalate their privileges. (CVE-2010-1437, Important)\n\n Red Hat would like to thank Simon Vallet for responsibly reporting\n CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia\n Siemens Networks, and Wind River on behalf of their customer, for\n responsibly reporting CVE-2010-1173.\n\n Bug fixes:\n\n * RHBA-2007:0791 introduced a regression in the Journaling Block Device\n (JBD). Under certain circumstances, removing a large file (such as 300 MB\n or more) did not result in inactive memory being freed, leading to the\n system having a large amount of inactive memory. Now, the memory is\n correctly freed. (BZ#589155)\n\n * the timer_interrupt() routine did not scale lost real ticks to logical\n ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise\n Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the\n "divider=x" kernel parameter set to a value greater than 1. "warning: many\n lost ticks" messages may have been logged on the affected guest systems.\n (BZ#590551)\n\n * a bug could have prevented NFSv3 clients from having the most up-to-date\n file attributes for files on a given NFSv3 file system. In cases where a\n file type changed, such as if a file was removed and replaced with a\n directory of the same name, the NFSv3 client may not have noticed this\n change until stat(2) was called (for example, by running "ls -l").\n (BZ#596372)\n\n * RHBA-2007:0791 introduced bugs in the Li ...\n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-August/016934.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880414\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0474\");\n script_cve_id(\"CVE-2009-3726\", \"CVE-2010-1173\", \"CVE-2010-1437\");\n script_name(\"CentOS Update for kernel CESA-2010:0474 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.28.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:53", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:1211.\n\nFor details on the issues addressed with this update, please visit\nthe referenced security advisories.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1211", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1389", "CVE-2009-1633", "CVE-2009-1439"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64599", "href": "http://plugins.openvas.org/nasl.php?oid=64599", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1211.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1211 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"Users should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:1211.\n\nFor details on the issues addressed with this update, please visit\nthe referenced security advisories.\";\n\n\n\n\nif(description)\n{\n script_id(64599);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1389\", \"CVE-2009-1439\", \"CVE-2009-1633\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1211\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1211.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:49", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:1211.\n\nFor details on the issues addressed with this update, please visit\nthe referenced security advisories.", "cvss3": {}, "published": "2009-08-17T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1211", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1389", "CVE-2009-1633", "CVE-2009-1439"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064599", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064599", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1211.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1211 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"Users should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\nPlease note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:1211.\n\nFor details on the issues addressed with this update, please visit\nthe referenced security advisories.\";\n\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64599\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1389\", \"CVE-2009-1439\", \"CVE-2009-1633\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1211\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1211.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.7.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:34", "description": "Oracle Linux Local Security Checks ELSA-2009-1670", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1670", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122408", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122408", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1670.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122408\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:44:45 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1670\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1670 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1670\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1670.html\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~164.9.1.0.1.el5~1.4.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~164.9.1.0.1.el5PAE~1.4.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~164.9.1.0.1.el5debug~1.4.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~164.9.1.0.1.el5xen~1.4.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~164.9.1.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~164.9.1.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~164.9.1.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~164.9.1.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1670 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1670 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-December/016374.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880828\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1670\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_name(\"CentOS Update for kernel CESA-2009:1670 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n\n * NULL pointer dereference flaws in the r128 driver. Checks to test if the\n Concurrent Command Engine state was initialized were missing in private\n IOCTL functions. An attacker could use these flaws to cause a local denial\n of service or escalate their privileges. (CVE-2009-3620, Important)\n\n * a NULL pointer dereference flaw in the NFSv4 implementation. Several\n NFSv4 file locking functions failed to check whether a file had been opened\n on the server before performing locking operations on it. A local user on a\n system with an NFSv4 share mounted could possibly use this flaw to cause a\n denial of service or escalate their privileges. (CVE-2009-3726, Important)\n\n * a flaw in tcf_fill_node(). A certain data structure in this function was\n not initialized properly before being copied to user-space. This could lead\n to an information leak. (CVE-2009-3612, Moderate)\n\n * unix_stream_connect() did not check if a UNIX domain socket was in the\n shutdown state. This could lead to a deadlock. A local, unprivileged user\n could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\n Knowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\n flaws.\n\n Bug fixes:\n\n * frequently changing a CPU between online and offline caused a kernel\n panic on some systems. (BZ#545583)\n\n * for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent\n could receive incorrect data, preventing correct data transfer. (BZ#529308)\n\n * pciehp could not detect PCI Express hot plug slots on some systems.\n (BZ#530383)\n\n * soft lockups: inotify race and contention on dcache_lock. (BZ#533822,\n BZ#537019)\n\n * priority ordered lists are now used for threads waiting for a given\n mutex. (BZ#533858)\n\n * a deadlock in DLM could cause GFS2 file systems to lock up. (BZ#533859)\n\n * use-after-free bug in the audit subsystem crashed certain systems when\n running usermod. (BZ#533861)\n\n * on certain hardware configurations, a kernel panic when the Broadcom\n iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n\n * qla2xxx: Enabled MSI-X, and correctly handle the module parameter to\n control it. This improves performance for certain systems. (BZ#537020)\n\n * system crash when reading the cpuaffinity file on a system. (BZ#537346)\n\n * suspend-resume problems on systems with lots of logical CPUs, e.g. BX-EX.\n (BZ#539674)\n\n * off-by-one error in the legacy PCI bus check. (BZ#539675)\n\n * TSC was not made available ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-04-06T11:38:05", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1670.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1670 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066618", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066618", "sourceData": "#CESA-2009:1670 66618 2\n# $Id: ovcesa2009_1670.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1670 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1670\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1670\nhttps://rhn.redhat.com/errata/RHSA-2009-1670.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1670.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66618\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1670 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:43", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1670.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the\nConcurrent Command Engine state was initialized were missing in private\nIOCTL functions. An attacker could use these flaws to cause a local denial\nof service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been opened\non the server before performing locking operations on it. A local user on a\nsystem with an NFSv4 share mounted could possibly use this flaw to cause a\ndenial of service or escalate their privileges. (CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was\nnot initialized properly before being copied to user-space. This could lead\nto an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the\nshutdown state. This could lead to a deadlock. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1670", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066534", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066534", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1670.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1670 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1670.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the\nConcurrent Command Engine state was initialized were missing in private\nIOCTL functions. An attacker could use these flaws to cause a local denial\nof service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been opened\non the server before performing locking operations on it. A local user on a\nsystem with an NFSv4 share mounted could possibly use this flaw to cause a\ndenial of service or escalate their privileges. (CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was\nnot initialized properly before being copied to user-space. This could lead\nto an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the\nshutdown state. This could lead to a deadlock. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66534\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1670\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1670.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://kbase.redhat.com/faq/docs/DOC-20536\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:20", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1670.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1670 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66618", "href": "http://plugins.openvas.org/nasl.php?oid=66618", "sourceData": "#CESA-2009:1670 66618 2\n# $Id: ovcesa2009_1670.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1670 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1670\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1670\nhttps://rhn.redhat.com/errata/RHSA-2009-1670.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1670.\";\n\n\n\nif(description)\n{\n script_id(66618);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1670 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:39", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1670 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880828", "href": "http://plugins.openvas.org/nasl.php?oid=880828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1670 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * NULL pointer dereference flaws in the r128 driver. Checks to test if the\n Concurrent Command Engine state was initialized were missing in private\n IOCTL functions. An attacker could use these flaws to cause a local denial\n of service or escalate their privileges. (CVE-2009-3620, Important)\n \n * a NULL pointer dereference flaw in the NFSv4 implementation. Several\n NFSv4 file locking functions failed to check whether a file had been opened\n on the server before performing locking operations on it. A local user on a\n system with an NFSv4 share mounted could possibly use this flaw to cause a\n denial of service or escalate their privileges. (CVE-2009-3726, Important)\n \n * a flaw in tcf_fill_node(). A certain data structure in this function was\n not initialized properly before being copied to user-space. This could lead\n to an information leak. (CVE-2009-3612, Moderate)\n \n * unix_stream_connect() did not check if a UNIX domain socket was in the\n shutdown state. This could lead to a deadlock. A local, unprivileged user\n could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n \n Knowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\n flaws.\n \n Bug fixes:\n \n * frequently changing a CPU between online and offline caused a kernel\n panic on some systems. (BZ#545583)\n \n * for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent\n could receive incorrect data, preventing correct data transfer. (BZ#529308)\n \n * pciehp could not detect PCI Express hot plug slots on some systems.\n (BZ#530383)\n \n * soft lockups: inotify race and contention on dcache_lock. (BZ#533822,\n BZ#537019)\n \n * priority ordered lists are now used for threads waiting for a given\n mutex. (BZ#533858)\n \n * a deadlock in DLM could cause GFS2 file systems to lock up. (BZ#533859)\n \n * use-after-free bug in the audit subsystem crashed certain systems when\n running usermod. (BZ#533861)\n \n * on certain hardware configurations, a kernel panic when the Broadcom\n iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)\n \n * qla2xxx: Enabled MSI-X, and correctly handle the module parameter to\n control it. This improves performance for certain systems. (BZ#537020)\n \n * system crash when reading the cpuaffinity file on a system. (BZ#537346)\n \n * suspend-resume problems on systems with lots of logical CPUs, e.g. BX-EX.\n (BZ#539674)\n \n * off-by-one error in the legacy PCI bus check. (BZ#539675)\n \n * TSC was not made available ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-December/016374.html\");\n script_id(880828);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:1670\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_name(\"CentOS Update for kernel CESA-2009:1670 centos5 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:10", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1670.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the\nConcurrent Command Engine state was initialized were missing in private\nIOCTL functions. An attacker could use these flaws to cause a local denial\nof service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been opened\non the server before performing locking operations on it. A local user on a\nsystem with an NFSv4 share mounted could possibly use this flaw to cause a\ndenial of service or escalate their privileges. (CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was\nnot initialized properly before being copied to user-space. This could lead\nto an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the\nshutdown state. This could lead to a deadlock. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1670", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3620", "CVE-2009-3612"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66534", "href": "http://plugins.openvas.org/nasl.php?oid=66534", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1670.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1670 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1670.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* NULL pointer dereference flaws in the r128 driver. Checks to test if the\nConcurrent Command Engine state was initialized were missing in private\nIOCTL functions. An attacker could use these flaws to cause a local denial\nof service or escalate their privileges. (CVE-2009-3620, Important)\n\n* a NULL pointer dereference flaw in the NFSv4 implementation. Several\nNFSv4 file locking functions failed to check whether a file had been opened\non the server before performing locking operations on it. A local user on a\nsystem with an NFSv4 share mounted could possibly use this flaw to cause a\ndenial of service or escalate their privileges. (CVE-2009-3726, Important)\n\n* a flaw in tcf_fill_node(). A certain data structure in this function was\nnot initialized properly before being copied to user-space. This could lead\nto an information leak. (CVE-2009-3612, Moderate)\n\n* unix_stream_connect() did not check if a UNIX domain socket was in the\nshutdown state. This could lead to a deadlock. A local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)\n\nKnowledgebase DOC-20536 has steps to mitigate NULL pointer dereference\nflaws.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66534);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1670\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1670.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://kbase.redhat.com/faq/docs/DOC-20536\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.18~164.9.1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:43", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1671.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to IOMMU\nspace exhaustion and a system crash. An attacker on the local network could\ntrigger this flaw by using jumbo frames for large amounts of network\ntraffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux\nkernel. Checks to test if the Concurrent Command Engine state was\ninitialized were missing in private IOCTL functions. An attacker could use\nthese flaws to cause a local denial of service or escalate their\nprivileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a\nUNIX domain socket was in the shutdown state. This could lead to a\ndeadlock. A local, unprivileged user could use this flaw to cause a denial\nof service. (CVE-2009-3621, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1671", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3620"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066535", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066535", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1671.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1671 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1671.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to IOMMU\nspace exhaustion and a system crash. An attacker on the local network could\ntrigger this flaw by using jumbo frames for large amounts of network\ntraffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux\nkernel. Checks to test if the Concurrent Command Engine state was\ninitialized were missing in private IOCTL functions. An attacker could use\nthese flaws to cause a local denial of service or escalate their\nprivileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a\nUNIX domain socket was in the shutdown state. This could lead to a\ndeadlock. A local, unprivileged user could use this flaw to cause a denial\nof service. (CVE-2009-3621, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66535\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1671\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1671.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:1671 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3620"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880764", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880764", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:1671 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-December/016393.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880764\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1671\");\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_name(\"CentOS Update for kernel CESA-2009:1671 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 4\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * a flaw was found in the Realtek r8169 Ethernet driver in the Linux\n kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU\n space exhaustion and a system crash. An attacker on the local network could\n trigger this flaw by using jumbo frames for large amounts of network\n traffic. (CVE-2009-3613, Important)\n\n * NULL pointer dereference flaws were found in the r128 driver in the Linux\n kernel. Checks to test if the Concurrent Command Engine state was\n initialized were missing in private IOCTL functions. An attacker could use\n these flaws to cause a local denial of service or escalate their\n privileges. (CVE-2009-3620, Important)\n\n * an information leak was found in the Linux kernel. On AMD64 systems,\n 32-bit processes could access and read certain 64-bit registers by\n temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n * the unix_stream_connect() function in the Linux kernel did not check if a\n UNIX domain socket was in the shutdown state. This could lead to a\n deadlock. A local, unprivileged user could use this flaw to cause a denial\n of service. (CVE-2009-3621, Moderate)\n\n This update also fixes the following bugs:\n\n * an iptables rule with the recent module and a hit count value greater\n than the ip_pkt_list_tot parameter (the default is 20), did not have any\n effect over packets, as the hit count could not be reached. (BZ#529306)\n\n * in environments that use dual-controller storage devices with the cciss\n driver, Device-Mapper Multipath maps could not be detected and configured,\n due to the cciss driver not exporting the bus attribute via sysfs. This\n attribute is now exported. (BZ#529309)\n\n * the kernel crashed with a divide error when a certain joystick was\n attached. (BZ#532027)\n\n * a bug in the mptctl_do_mpt_command() function in the mpt driver may have\n resulted in crashes during boot on i386 systems with certain adapters using\n the mpt driver, and also running the hugemem kernel. (BZ#533798)\n\n * on certain hardware, the igb driver was unable to detect link statuses\n correctly. This may have caused problems for network bonding, such as\n failover not occurring. (BZ#534105)\n\n * the RHSA-2009:1024 update introduced a regression. After updating to Red\n Hat Enterprise Linux 4.8 and rebooting, network links often failed to be\n brought up for interfaces using the forcedeth driver. 'no link during\n initialization' messages may have been logg ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-04-06T11:39:57", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1671.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1671 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3620"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066622", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066622", "sourceData": "#CESA-2009:1671 66622 2\n# $Id: ovcesa2009_1671.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1671 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1671\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1671\nhttps://rhn.redhat.com/errata/RHSA-2009-1671.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1671.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66622\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1671 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:30", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1671.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to IOMMU\nspace exhaustion and a system crash. An attacker on the local network could\ntrigger this flaw by using jumbo frames for large amounts of network\ntraffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux\nkernel. Checks to test if the Concurrent Command Engine state was\ninitialized were missing in private IOCTL functions. An attacker could use\nthese flaws to cause a local denial of service or escalate their\nprivileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a\nUNIX domain socket was in the shutdown state. This could lead to a\ndeadlock. A local, unprivileged user could use this flaw to cause a denial\nof service. (CVE-2009-3621, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1671", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3620"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:66535", "href": "http://plugins.openvas.org/nasl.php?oid=66535", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1671.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1671 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1671.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to IOMMU\nspace exhaustion and a system crash. An attacker on the local network could\ntrigger this flaw by using jumbo frames for large amounts of network\ntraffic. (CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux\nkernel. Checks to test if the Concurrent Command Engine state was\ninitialized were missing in private IOCTL functions. An attacker could use\nthese flaws to cause a local denial of service or escalate their\nprivileges. (CVE-2009-3620, Important)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a\nUNIX domain socket was in the shutdown state. This could lead to a\ndeadlock. A local, unprivileged user could use this flaw to cause a denial\nof service. (CVE-2009-3621, Moderate)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(66535);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1671\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1671.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.18.EL\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:59", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1671.", "cvss3": {}, "published": "2009-12-30T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1671 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3613", "CVE-2009-3621", "CVE-2009-2910", "CVE-2009-3620"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:66622", "href": "http://plugins.openvas.org/nasl.php?oid=66622", "sourceData": "#CESA-2009:1671 66622 2\n# $Id: ovcesa2009_1671.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1671 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1671\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1671\nhttps://rhn.redhat.com/errata/RHSA-2009-1671.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:1671.\";\n\n\n\nif(description)\n{\n script_id(66622);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)\");\n script_cve_id(\"CVE-2009-2910\", \"CVE-2009-3613\", \"CVE-2009-3620\", \"CVE-2009-3621\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1671 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.0.18.EL\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:17:56", "description": "Several security issues and some bugs were fixed in the SUSE Linux Enterprise 9 kernel.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2009-11-16T13:03:36", "type": "suse", "title": "local privilege escalation in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-3726", "CVE-2009-2910", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909"], "modified": "2009-11-16T13:03:36", "id": "SUSE-SA:2009:056", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:26:04", "description": "This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2009-11-11T17:52:30", "type": "suse", "title": "local privilege escalation in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3238", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-3002", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909"], "modified": "2009-11-11T17:52:30", "id": "SUSE-SA:2009:054", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-04T11:37:59", "description": "This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2009-11-12T19:03:35", "type": "suse", "title": "local privilege escalation in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3238", "CVE-2009-1192", "CVE-2009-3547", "CVE-2009-2909"], "modified": "2009-11-12T19:03:35", "id": "SUSE-SA:2009:055", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00006.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-04T11:54:56", "description": "The SUSE Linux Enterprise 11 and openSUSE 11.1 kernel was updated to 2.6.27.37 fixing various bugs and security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2009-11-02T17:52:48", "type": "suse", "title": "potential local privilege escalation in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-2910", "CVE-2009-3002", "CVE-2009-2909"], "modified": "2009-11-02T17:52:48", "id": "SUSE-SA:2009:051", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00000.html", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-04T11:48:25", "description": "This kernel update for openSUSE 11.0 fixes some bugs and several security problems.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2010-02-15T16:54:24", "type": "suse", "title": "local privilege escalation, remote denial of in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-3939", "CVE-2010-0007", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3238", "CVE-2009-4538", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-3002", "CVE-2009-4536", "CVE-2009-1633", "CVE-2009-4308", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-4021", "CVE-2010-0003", "CVE-2009-3286", "CVE-2009-3612", "CVE-2009-4138"], "modified": "2010-02-15T16:54:24", "id": "SUSE-SA:2010:012", "href": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:28:11", "description": "The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to 2.6.27.39 fixing various bugs and security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2009-12-02T17:15:31", "type": "suse", "title": "remote denial of service in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-3621", "CVE-2009-3726", "CVE-2009-2910", "CVE-2009-3547", "CVE-2009-3620", "CVE-2009-2903", "CVE-2005-4881", "CVE-2009-3286", "CVE-2009-3612"], "modified": "2009-12-02T17:15:31", "id": "SUSE-SA:2009:060", "href": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00001.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-05-18T14:28:01", "description": "This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel.\n\nThe following security issues were fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to elevate privileges.\n\n - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - The randomness of the ASLR methods used in the kernel was increased. (CVE-2009-3238)\n\n - A information leak from the kernel due to uninitialized memory in AGP handling was fixed. (CVE-2009-1192)\n\n - A signed comparison in the ax25 sockopt handler was fixed which could be used to crash the kernel or potentially execute code. (CVE-2009-2909)\n\n - The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. (CVE-2009-2848)\n\n - Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker.\n (CVE-2009-3002)\n\n - Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633)\n\nAlso see the RPM changelog for more changes.", "cvss3": {}, "published": "2009-11-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6632)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1192", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3238", "CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6632.NASL", "href": "https://www.tenable.com/plugins/nessus/42465", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42465);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1633\", \"CVE-2009-2848\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3238\", \"CVE-2009-3547\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6632)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a several security issues and various bugs in the\nSUSE Linux Enterprise 10 SP 2 kernel.\n\nThe following security issues were fixed: CVE-2009-3547: A race\ncondition during pipe open could be used by local attackers to elevate\nprivileges.\n\n - On x86_64 systems a information leak of high register\n contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - The randomness of the ASLR methods used in the kernel\n was increased. (CVE-2009-3238)\n\n - A information leak from the kernel due to uninitialized\n memory in AGP handling was fixed. (CVE-2009-1192)\n\n - A signed comparison in the ax25 sockopt handler was\n fixed which could be used to crash the kernel or\n potentially execute code. (CVE-2009-2909)\n\n - The execve function in the Linux kernel did not properly\n clear the current->clear_child_tid pointer, which allows\n local users to cause a denial of service (memory\n corruption) or possibly gain privileges via a clone\n system call with CLONE_CHILD_SETTID or\n CLONE_CHILD_CLEARTID enabled, which is not properly\n handled during thread creation and exit. (CVE-2009-2848)\n\n - Fixed various sockethandler getname leaks, which could\n disclose memory previously used by the kernel or other\n userland processes to the local attacker.\n (CVE-2009-3002)\n\n - Multiple buffer overflows in the cifs subsystem in the\n Linux kernel allow remote CIFS servers to cause a denial\n of service (memory corruption) and possibly have\n unspecified other impact via (1) a malformed Unicode\n string, related to Unicode string area alignment in\n fs/cifs/sess.c; or (2) long Unicode characters, related\n to fs/cifs/cifssmb.c and the cifs_readdir function in\n fs/cifs/readdir.c. (CVE-2009-1633)\n\nAlso see the RPM changelog for more changes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1633.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2848.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2909.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2910.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3547.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6632.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 200, 310, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.42.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:29", "description": "This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel.\n\nThe following security issues were fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to elevate privileges.\n\n - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - The randomness of the ASLR methods used in the kernel was increased. (CVE-2009-3238)\n\n - A information leak from the kernel due to uninitialized memory in AGP handling was fixed. (CVE-2009-1192)\n\n - A signed comparison in the ax25 sockopt handler was fixed which could be used to crash the kernel or potentially execute code. (CVE-2009-2909)\n\n - The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. (CVE-2009-2848)\n\n - Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker.\n (CVE-2009-3002)\n\n - Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633)\n\nAlso see the RPM changelog for more changes.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1192", "CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3238", "CVE-2009-3547"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6636.NASL", "href": "https://www.tenable.com/plugins/nessus/59140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59140);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1633\", \"CVE-2009-2848\", \"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3238\", \"CVE-2009-3547\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6636)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a several security issues and various bugs in the\nSUSE Linux Enterprise 10 SP 2 kernel.\n\nThe following security issues were fixed: CVE-2009-3547: A race\ncondition during pipe open could be used by local attackers to elevate\nprivileges.\n\n - On x86_64 systems a information leak of high register\n contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - The randomness of the ASLR methods used in the kernel\n was increased. (CVE-2009-3238)\n\n - A information leak from the kernel due to uninitialized\n memory in AGP handling was fixed. (CVE-2009-1192)\n\n - A signed comparison in the ax25 sockopt handler was\n fixed which could be used to crash the kernel or\n potentially execute code. (CVE-2009-2909)\n\n - The execve function in the Linux kernel did not properly\n clear the current->clear_child_tid pointer, which allows\n local users to cause a denial of service (memory\n corruption) or possibly gain privileges via a clone\n system call with CLONE_CHILD_SETTID or\n CLONE_CHILD_CLEARTID enabled, which is not properly\n handled during thread creation and exit. (CVE-2009-2848)\n\n - Fixed various sockethandler getname leaks, which could\n disclose memory previously used by the kernel or other\n userland processes to the local attacker.\n (CVE-2009-3002)\n\n - Multiple buffer overflows in the cifs subsystem in the\n Linux kernel allow remote CIFS servers to cause a denial\n of service (memory corruption) and possibly have\n unspecified other impact via (1) a malformed Unicode\n string, related to Unicode string area alignment in\n fs/cifs/sess.c; or (2) long Unicode characters, related\n to fs/cifs/cifssmb.c and the cifs_readdir function in\n fs/cifs/readdir.c. (CVE-2009-1633)\n\nAlso see the RPM changelog for more changes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1633.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2848.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2909.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2910.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3547.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6636.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(119, 189, 200, 310, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.42.7\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.42.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:08:47", "description": "The openSUSE 11.1 Kernel was updated to 2.6.27.37 fixing various bugs and security issues.\n\nFollowing security issues were fixed: CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code.\n\nCVE-2009-3002: Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker.\n\nCVE-2009-2910: A information leakage with upper 32bit register values on x86_64 systems was fixed.\n\nVarious KVM stability and security fixes have also been added.", "cvss3": {}, "published": "2009-11-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-1415)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-extra", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-extra", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-extra", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-extra", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-extra", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-extra", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_KERNEL-091016.NASL", "href": "https://www.tenable.com/plugins/nessus/42334", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-1415.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42334);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-1415)\");\n script_summary(english:\"Check for the kernel-1415 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 11.1 Kernel was updated to 2.6.27.37 fixing various bugs\nand security issues.\n\nFollowing security issues were fixed: CVE-2009-2909: Unsigned check in\nthe ax25 socket handler could allow local attackers to potentially\ncrash the kernel or even execute code.\n\nCVE-2009-3002: Fixed various sockethandler getname leaks, which could\ndisclose memory previously used by the kernel or other userland\nprocesses to the local attacker.\n\nCVE-2009-2910: A information leakage with upper 32bit register values\non x86_64 systems was fixed.\n\nVarious KVM stability and security fixes have also been added.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=410452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=441650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=448410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=466279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=466554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=471396\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=476582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=477816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=504646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=511306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=514022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=515640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=527754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=528769\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531633\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=532063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=532443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=532598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=533267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=545013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=545236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=546006\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-base-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-extra-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-base-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-extra-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-ec2-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-ec2-base-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-ec2-extra-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-base-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-extra-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-source-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-syms-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-base-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-extra-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-vanilla-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-base-2.6.27.37-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-extra-2.6.27.37-0.1.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-extra / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-31T14:19:44", "description": "The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.37 fixing various bugs and security issues.\n\nThe following security issues were fixed :\n\n - Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. (CVE-2009-2909)\n\n - Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker.\n (CVE-2009-3002)\n\n - A information leakage with upper 32bit register values on x86_64 systems was fixed. (CVE-2009-2910)\n\nVarious KVM stability and security fixes have also been added.", "cvss3": {}, "published": "2009-11-03T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1410 / 1412 / 1413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-vmi", "p-cpe:/a:novell:suse_linux:11:kernel-vmi-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-091015.NASL", "href": "https://www.tenable.com/plugins/nessus/42343", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42343);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2909\", \"CVE-2009-2910\", \"CVE-2009-3002\");\n\n script_name(english:\"SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1410 / 1412 / 1413)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.37 fixing\nvarious bugs and security issues.\n\nThe following security issues were fixed :\n\n - Unsigned check in the ax25 socket handler could allow\n local attackers to potentially crash the kernel or even\n execute code. (CVE-2009-2909)\n\n - Fixed various sockethandler getname leaks, which could\n disclose memory previously used by the kernel or other\n userland processes to the local attacker.\n (CVE-2009-3002)\n\n - A information leakage with upper 32bit register values\n on x86_64 systems was fixed. (CVE-2009-2910)\n\nVarious KVM stability and security fixes have also been added.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=410452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=441650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=448410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=466554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=471396\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=476582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=477816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=504646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=509753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=511306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=514022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=515640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=527754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=528769\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531633\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=532063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=532443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=532598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=533267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534977\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535409\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535890\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=535947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=537435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=545013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=545236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=546006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2909.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2910.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3002.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 1410 / 1412 / 1413 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-extra-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-extra-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-source-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-syms-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-extra-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-extra-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-source-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-syms-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-extra-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ext4dev-kmp-default-0_2.6.27.37_0.1-7.1.18\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-source-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-syms-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-pae-0_2.6.27.37_0.1-7.1.18\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-vmi-0_2.6.27.37_0.1-7.1.18\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-xen-0_2.6.27.37_0.1-7.1.18\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kernel-default-man-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"ext4dev-kmp-xen-0_2.6.27.37_0.1-7.1.18\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.37-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.37-0.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:19", "description": "Update to kernel 2.6.27.37:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.36 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.37\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-10-16T00:00:00", "type": "nessus", "title": "Fedora 10 : kernel-2.6.27.37-170.2.104.fc10 (2009-10525)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2908", "CVE-2009-2909", "CVE-2009-2910"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-10525.NASL", "href": "https://www.tenable.com/plugins/nessus/42156", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-10525.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42156);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2908\", \"CVE-2009-2909\", \"CVE-2009-2910\");\n script_bugtraq_id(36639);\n script_xref(name:\"FEDORA\", value:\"2009-10525\");\n\n script_name(english:\"Fedora 10 : kernel-2.6.27.37-170.2.104.fc10 (2009-10525)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.27.37:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.36\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.37\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.36\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d092acef\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.37\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d41ad4c\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=527534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=528887\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-October/030114.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?349f65a5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kernel-2.6.27.37-170.2.104.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:53:25", "description": "This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3238: The get_random_int function in drivers/char/random.c in the Linux kernel produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the functions tendency to return the same value over and over again for long stretches of time.\n\n - The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\n - Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. (CVE-2009-2909)", "cvss3": {}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6637)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1192", "CVE-2009-2909", "CVE-2009-3238"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6637.NASL", "href": "https://www.tenable.com/plugins/nessus/49867", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49867);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-2909\", \"CVE-2009-3238\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6637)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various bugs and some security issues in the SUSE\nLinux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3238: The\nget_random_int function in drivers/char/random.c in the Linux kernel\nproduces insufficiently random numbers, which allows attackers to\npredict the return value, and possibly defeat protection mechanisms\nbased on randomization, via vectors that leverage the functions\ntendency to return the same value over and over again for long\nstretches of time.\n\n - The (1) agp_generic_alloc_page and (2)\n agp_generic_alloc_pages functions in\n drivers/char/agp/generic.c in the agp subsystem in the\n Linux kernel do not zero out pages that may later be\n available to a user-space process, which allows local\n users to obtain sensitive information by reading these\n pages. (CVE-2009-1192)\n\n - Unsigned check in the ax25 socket handler could allow\n local attackers to potentially crash the kernel or even\n execute code. (CVE-2009-2909)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2909.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3238.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6637.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_cwe_id(189, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-kdumppae-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.57.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:35", "description": "This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3238: The get_random_int function in drivers/char/random.c in the Linux kernel produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the functions tendency to return the same value over and over again for long stretches of time.\n\n - The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\n - Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. (CVE-2009-2909)", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6641)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1192", "CVE-2009-2909", "CVE-2009-3238"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6641.NASL", "href": "https://www.tenable.com/plugins/nessus/59141", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59141);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-2909\", \"CVE-2009-3238\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6641)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various bugs and some security issues in the SUSE\nLinux Enterprise 10 SP 3 kernel.\n\nThe following security issues were fixed: CVE-2009-3238: The\nget_random_int function in drivers/char/random.c in the Linux kernel\nproduces insufficiently random numbers, which allows attackers to\npredict the return value, and possibly defeat protection mechanisms\nbased on randomization, via vectors that leverage the functions\ntendency to return the same value over and over again for long\nstretches of time.\n\n - The (1) agp_generic_alloc_page and (2)\n agp_generic_alloc_pages functions in\n drivers/char/agp/generic.c in the agp subsystem in the\n Linux kernel do not zero out pages that may later be\n available to a user-space process, which allows local\n users to obtain sensitive information by reading these\n pages. (CVE-2009-1192)\n\n - Unsigned check in the ax25 socket handler could allow\n local attackers to potentially crash the kernel or even\n execute code. (CVE-2009-2909)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2909.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3238.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6641.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_cwe_id(189, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.57.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.57.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:45:17", "description": "This kernel update for openSUSE 11.0 fixes some bugs and several security problems.\n\nThe following security issues are fixed: CVE-2009-4536:\ndrivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload.\n\nCVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets.\n\nCVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables netfilter code might have allowed local attackers to modify bridge firewall settings.\n\nCVE-2010-0003: An information leakage on fatal signals on x86_64 machines was fixed.\n\nCVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.\n\nCVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.\n\nCVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.\n\nCVE-2009-4021: The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.\n\nCVE-2009-3547: A race condition in the pipe(2) systemcall could be used by local attackers to hang the machine. The kernel in Moblin 2.0 uses NULL ptr protection which avoids code execution possbilities.\n\nCVE-2009-2903: Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.\n\nCVE-2009-3621: net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.\n\nCVE-2009-3612: The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.\n\nCVE-2009-3620: The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.\n\nCVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n\nCVE-2009-3286: NFSv4 in the Linux kernel 2.6.18, and possibly other versions, does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails.\n\nCVE-2009-2910: arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.\n\nCVE-2009-3238: The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to 'return the same value over and over again for long stretches of time.'\n\nCVE-2009-2848: The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.\n\nCVE-2009-3002: The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.\n\nCVE-2009-1633: Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.", "cvss3": {}, "published": "2010-02-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-1908)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1633", "CVE-2009-2848", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3002", "CVE-2009-3238", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3939", "CVE-2009-4021", "CVE-2009-4138", "CVE-2009-4308", "CVE-2009-4536", "CVE-2009-4538", "CVE-2010-0003", "CVE-2010-0007"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:acerhk-kmp-debug", "p-cpe:/a:novell:opensuse:acx-kmp-debug", "p-cpe:/a:novell:opensuse:appleir-kmp-debug", "p-cpe:/a:novell:opensuse:at76_usb-kmp-debug", "p-cpe:/a:novell:opensuse:atl2-kmp-debug", "p-cpe:/a:novell:opensuse:aufs-kmp-debug", "p-cpe:/a:novell:opensuse:dazuko-kmp-debug", "p-cpe:/a:novell:opensuse:drbd-kmp-debug", "p-cpe:/a:novell:opensuse:gspcav-kmp-debug", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug", "p-cpe:/a:novell:opensuse:ivtv-kmp-debug", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kqemu-kmp-debug", "p-cpe:/a:novell:opensuse:nouveau-kmp-debug", "p-cpe:/a:novell:opensuse:omnibook-kmp-debug", "p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug", "p-cpe:/a:novell:opensuse:pcfclock-kmp-debug", "p-cpe:/a:novell:opensuse:tpctl-kmp-debug", "p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug", "p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:vmware-kmp-debug"], "id": "SUSE_11_0_KERNEL-100203.NASL", "href": "https://www.tenable.com/plugins/nessus/44621", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-1908.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44621);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1633\", \"CVE-2009-2848\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3002\", \"CVE-2009-3238\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\", \"CVE-2009-3939\", \"CVE-2009-4021\", \"CVE-2009-4138\", \"CVE-2009-4308\", \"CVE-2009-4536\", \"CVE-2009-4538\", \"CVE-2010-0003\", \"CVE-2010-0007\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-1908)\");\n script_summary(english:\"Check for the kernel-1908 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for openSUSE 11.0 fixes some bugs and several\nsecurity problems.\n\nThe following security issues are fixed: CVE-2009-4536:\ndrivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel\nhandles Ethernet frames that exceed the MTU by processing certain\ntrailing payload data as if it were a complete frame, which allows\nremote attackers to bypass packet filters via a large packet with a\ncrafted payload.\n\nCVE-2009-4538: drivers/net/e1000e/netdev.c in the e1000e driver in the\nLinux kernel does not properly check the size of an Ethernet frame\nthat exceeds the MTU, which allows remote attackers to have an\nunspecified impact via crafted packets.\n\nCVE-2010-0007: Missing CAP_NET_ADMIN checks in the ebtables netfilter\ncode might have allowed local attackers to modify bridge firewall\nsettings.\n\nCVE-2010-0003: An information leakage on fatal signals on x86_64\nmachines was fixed.\n\nCVE-2009-4138: drivers/firewire/ohci.c in the Linux kernel, when\npacket-per-buffer mode is used, allows local users to cause a denial\nof service (NULL pointer dereference and system crash) or possibly\nhave unknown other impact via an unspecified ioctl associated with\nreceiving an ISO packet that contains zero in the payload-length\nfield.\n\nCVE-2009-4308: The ext4_decode_error function in fs/ext4/super.c in\nthe ext4 filesystem in the Linux kernel before 2.6.32 allows\nuser-assisted remote attackers to cause a denial of service (NULL\npointer dereference), and possibly have unspecified other impact, via\na crafted read-only filesystem that lacks a journal.\n\nCVE-2009-3939: The poll_mode_io file for the megaraid_sas driver in\nthe Linux kernel 2.6.31.6 and earlier has world-writable permissions,\nwhich allows local users to change the I/O mode of the driver by\nmodifying this file.\n\nCVE-2009-4021: The fuse_direct_io function in fs/fuse/file.c in the\nfuse subsystem in the Linux kernel before 2.6.32-rc7 might allow\nattackers to cause a denial of service (invalid pointer dereference\nand OOPS) via vectors possibly related to a memory-consumption attack.\n\nCVE-2009-3547: A race condition in the pipe(2) systemcall could be\nused by local attackers to hang the machine. The kernel in Moblin 2.0\nuses NULL ptr protection which avoids code execution possbilities.\n\nCVE-2009-2903: Memory leak in the appletalk subsystem in the Linux\nkernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the\nappletalk and ipddp modules are loaded but the ipddp'N' device is not\nfound, allows remote attackers to cause a denial of service (memory\nconsumption) via IP-DDP datagrams.\n\nCVE-2009-3621: net/unix/af_unix.c in the Linux kernel 2.6.31.4 and\nearlier allows local users to cause a denial of service (system hang)\nby creating an abstract-namespace AF_UNIX listening socket, performing\na shutdown operation on this socket, and then performing a series of\nconnect operations to this socket.\n\nCVE-2009-3612: The tcf_fill_node function in net/sched/cls_api.c in\nthe netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and\n2.4.37.6 and earlier, does not initialize a certain tcm__pad2\nstructure member, which might allow local users to obtain sensitive\ninformation from kernel memory via unspecified vectors.\n\nCVE-2009-3620: The ATI Rage 128 (aka r128) driver in the Linux kernel\nbefore 2.6.31-git11 does not properly verify Concurrent Command Engine\n(CCE) state initialization, which allows local users to cause a denial\nof service (NULL pointer dereference and system crash) or possibly\ngain privileges via unspecified ioctl calls.\n\nCVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\nNFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS\nservers to cause a denial of service (NULL pointer dereference and\npanic) by sending a certain response containing incorrect file\nattributes, which trigger attempted use of an open file that lacks\nNFSv4 state.\n\nCVE-2009-3286: NFSv4 in the Linux kernel 2.6.18, and possibly other\nversions, does not properly clean up an inode when an O_EXCL create\nfails, which causes files to be created with insecure settings such as\nsetuid bits, and possibly allows local users to gain privileges,\nrelated to the execution of the do_open_permission function even when\na create fails.\n\nCVE-2009-2910: arch/x86/ia32/ia32entry.S in the Linux kernel before\n2.6.31.4 on the x86_64 platform does not clear certain kernel\nregisters before a return to user mode, which allows local users to\nread register values from an earlier process by switching an ia32\nprocess to 64-bit mode.\n\nCVE-2009-3238: The get_random_int function in drivers/char/random.c in\nthe Linux kernel before 2.6.30 produces insufficiently random numbers,\nwhich allows attackers to predict the return value, and possibly\ndefeat protection mechanisms based on randomization, via vectors that\nleverage the function's tendency to 'return the same value over and\nover again for long stretches of time.'\n\nCVE-2009-2848: The execve function in the Linux kernel, possibly\n2.6.30-rc6 and earlier, does not properly clear the\ncurrent->clear_child_tid pointer, which allows local users to cause a\ndenial of service (memory corruption) or possibly gain privileges via\na clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID\nenabled, which is not properly handled during thread creation and\nexit.\n\nCVE-2009-3002: The Linux kernel before 2.6.31-rc7 does not initialize\ncertain data structures within getname functions, which allows local\nusers to read the contents of some kernel memory locations by calling\ngetsockname on (1) an AF_APPLETALK socket, related to the\natalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket,\nrelated to the irda_getname function in net/irda/af_irda.c; (3) an\nAF_ECONET socket, related to the econet_getname function in\nnet/econet/af_econet.c; (4) an AF_NETROM socket, related to the\nnr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket,\nrelated to the rose_getname function in net/rose/af_rose.c; or (6) a\nraw CAN socket, related to the raw_getname function in net/can/raw.c.\n\nCVE-2009-1633: Multiple buffer overflows in the cifs subsystem in the\nLinux kernel before 2.6.29.4 allow remote CIFS servers to cause a\ndenial of service (memory corruption) and possibly have unspecified\nother impact via (1) a malformed Unicode string, related to Unicode\nstring area alignment in fs/cifs/sess.c; or (2) long Unicode\ncharacters, related to fs/cifs/cifssmb.c and the cifs_readdir function\nin fs/cifs/readdir.c.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=421732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=441062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=526368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=527865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=543740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=550001\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=557180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=564382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=564712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=569902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=570606\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 119, 189, 200, 264, 310, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acerhk-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acx-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:appleir-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:at76_usb-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:atl2-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gspcav-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ivtv-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nouveau-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:omnibook-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tpctl-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acerhk-kmp-debug-0.5.35_2.6.25.20_0.6-98.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acx-kmp-debug-20080210_2.6.25.20_0.6-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"appleir-kmp-debug-1.1_2.6.25.20_0.6-108.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"at76_usb-kmp-debug-0.17_2.6.25.20_0.6-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"atl2-kmp-debug-2.0.4_2.6.25.20_0.6-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"aufs-kmp-debug-cvs20080429_2.6.25.20_0.6-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dazuko-kmp-debug-2.3.4.4_2.6.25.20_0.6-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"drbd-kmp-debug-8.2.6_2.6.25.20_0.6-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"gspcav-kmp-debug-01.00.20_2.6.25.20_0.6-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"iscsitarget-kmp-debug-0.4.15_2.6.25.20_0.6-63.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ivtv-kmp-debug-1.0.3_2.6.25.20_0.6-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kqemu-kmp-debug-1.3.0pre11_2.6.25.20_0.6-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"nouveau-kmp-debug-0.10.1.20081112_2.6.25.20_0.6-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"omnibook-kmp-debug-20080313_2.6.25.20_0.6-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pcc-acpi-kmp-debug-0.9_2.6.25.20_0.6-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pcfclock-kmp-debug-0.44_2.6.25.20_0.6-207.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tpctl-kmp-debug-4.17_2.6.25.20_0.6-189.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"uvcvideo-kmp-debug-r200_2.6.25.20_0.6-2.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"virtualbox-ose-kmp-debug-1.5.6_2.6.25.20_0.6-33.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"vmware-kmp-debug-2008.04.14_2.6.25.20_0.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wlan-ng-kmp-debug-0.2.8_2.6.25.20_0.6-107.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acerhk-kmp-debug / acx-kmp-debug / appleir-kmp-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:56", "description": "The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.39 fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - A race condition during pipe open could be used by local attackers to cause a denial of service. (Due to mmap_min_addr protection enabled by default, code execution is not possible.). (CVE-2009-3547)\n\n - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue existed because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\n - Sv4 in the Linux kernel does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails. (CVE-2009-3286)", "cvss3": {}, "published": "2009-12-03T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-vmi", "p-cpe:/a:novell:suse_linux:11:kernel-vmi-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-091123.NASL", "href": "https://www.tenable.com/plugins/nessus/42990", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42990);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-4881\", \"CVE-2009-2903\", \"CVE-2009-2910\", \"CVE-2009-3286\", \"CVE-2009-3547\", \"CVE-2009-3612\", \"CVE-2009-3620\", \"CVE-2009-3621\", \"CVE-2009-3726\");\n\n script_name(english:\"SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.39 fixing\nvarious bugs and security issues.\n\nThe following security issues have been fixed :\n\n - A race condition during pipe open could be used by local\n attackers to cause a denial of service. (Due to\n mmap_min_addr protection enabled by default, code\n execution is not possible.). (CVE-2009-3547)\n\n - On x86_64 systems a information leak of high register\n contents (upper 32bit) was fixed. (CVE-2009-2910)\n\n - Memory leak in the appletalk subsystem in the Linux\n kernel when the appletalk and ipddp modules are loaded\n but the ipddp'N' device is not found, allows remote\n attackers to cause a denial of service (memory\n consumption) via IP-DDP datagrams. (CVE-2009-2903)\n\n - net/1/af_unix.c in the Linux kernel allows local users\n to cause a denial of service (system hang) by creating\n an abstract-namespace AF_UNIX listening socket,\n performing a shutdown operation on this socket, and then\n performing a series of connect operations to this\n socket. (CVE-2009-3621)\n\n - The tcf_fill_node function in net/sched/cls_api.c in the\n netlink subsystem in the Linux kernel 2.6.x before\n 2.6.32-rc5, and 2.4.37.6 and earlier, does not\n initialize a certain tcm__pad2 structure member, which\n might allow local users to obtain sensitive information\n from kernel memory via unspecified vectors. NOTE: this\n issue existed because of an incomplete fix for\n CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)\n\n - The ATI Rage 128 (aka r128) driver in the Linux kernel\n does not properly verify Concurrent Command Engine (CCE)\n state initialization, which allows local users to cause\n a denial of service (NULL pointer dereference and system\n crash) or possibly gain privileges via unspecified ioctl\n calls. (CVE-2009-3620)\n\n - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the\n NFSv4 client in the Linux kernel allows remote NFS\n servers to cause a denial of service (NULL pointer\n dereference and panic) by sending a certain response\n containing incorrect file attributes, which trigger\n attempted use of an open file that lacks NFSv4 state.\n (CVE-2009-3726)\n\n - Sv4 in the Linux kernel does not properly clean up an\n inode when an O_EXCL create fails, which causes files to\n be created with insecure settings such as setuid bits,\n and possibly allows local users to gain privileges,\n related to the execution of the do_open_permission\n function even when a create fails. (CVE-2009-3286)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=441062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=519820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=522790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=523487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=524683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=528427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=531716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=536467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=540349\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=540997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=541648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=542505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=544779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=547357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=548807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=549751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=550648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=551942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=552775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=554122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=556864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2005-4881.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2903.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-2910.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3286.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3547.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3612.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3620.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3621.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3726.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 1581 / 1588 / 1591 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 200, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-source-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-syms-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-source-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-syms-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-extra-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ext4dev-kmp-default-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-source-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-syms-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-pae-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-vmi-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-xen-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kernel-default-man-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"ext4dev-kmp-xen-0_2.6.27.39_0.3-7.1.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.39-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.39-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:46", "description": "The openSUSE 11.1 Kernel was updated to 2.6.27.39 fixing various bugs and security issues.\n\nFollowing security issues have been fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to cause a denial of service. (Due to mmap_min_addr protection enabled by default, code execution is not possible.)\n\nCVE-2009-2910: On x86_64 systems a information leak of high register contents (upper 32bit) was fixed.\n\nCVE-2009-2903: Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp'N' device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.\n\nCVE-2009-3621: net/unix/af_unix.c in the Linux kernel allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.\n\nCVE-2009-3612 / CVE-2005-4881: The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue existed because of an incomplete fix for CVE-2005-4881.\n\nCVE-2009-3620: The ATI Rage 128 (aka r128) driver in the Linux kernel does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.\n\nCVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.\n\nCVE-2009-3286: Sv4 in the Linux kernel does not properly clean up an inode when an O_EXCL create fails, which causes files to be created with insecure settings such as setuid bits, and possibly allows local users to gain privileges, related to the execution of the do_open_permission function even when a create fails.", "cvss3": {}, "published": "2009-12-01T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-1593)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-4881", "CVE-2009-2903", "CVE-2009-2910", "CVE-2009-3286", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base",

SuSE9 Security Update : Linux kernel (YOU Patch Number 12541)

Description

Related