Lucene search
This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_2_KERNEL-101026.NASLHistoryOct 29, 2010 - 12:00 a.m.
openSUSE Security Update : kernel (openSUSE-SU-2010:0919-1)
2010-10-2900:00:00
This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
33
This update of the openSUSE 11.2 Linux kernel fixes two critical security issues and some bugs.
Following security issues were fixed: CVE-2010-3904: A local privilege escalation in RDS sockets allowed local attackers to gain root privileges.
CVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain root privileges on x86_64 systems.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update kernel-3398.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(50409);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/14");
script_cve_id("CVE-2010-2963", "CVE-2010-3904");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/06/02");
script_name(english:"openSUSE Security Update : kernel (openSUSE-SU-2010:0919-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update of the openSUSE 11.2 Linux kernel fixes two critical
security issues and some bugs.
Following security issues were fixed: CVE-2010-3904: A local privilege
escalation in RDS sockets allowed local attackers to gain root
privileges.
CVE-2010-2963: A problem in the compat ioctl handling in video4linux
allowed local attackers with a video device plugged in to gain root
privileges on x86_64 systems.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=409504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=441062");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=564324");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=646045");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=647322");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=647392");
script_set_attribute(attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2010-10/msg00044.html");
script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"patch_publication_date", value:"2010/10/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/10/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-desktop-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-trace-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:preload-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:preload-kmp-desktop");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-debug-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-debug-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-debug-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-default-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-default-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-default-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-desktop-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-desktop-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-desktop-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-pae-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-pae-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-pae-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-source-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-source-vanilla-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-syms-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-trace-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-trace-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-trace-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-vanilla-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-vanilla-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-vanilla-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-xen-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-xen-base-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"kernel-xen-devel-2.6.31.14-0.4.1") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"preload-kmp-default-1.1_2.6.31.14_0.4-6.9.32") ) flag++;
if ( rpm_check(release:"SUSE11.2", reference:"preload-kmp-desktop-1.1_2.6.31.14_0.4-6.9.32") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-debug / kernel-debug-base / kernel-debug-devel / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | kernel-debug | p-cpe:/a:novell:opensuse:kernel-debug |
| novell | opensuse | kernel-debug-base | p-cpe:/a:novell:opensuse:kernel-debug-base |
| novell | opensuse | kernel-debug-devel | p-cpe:/a:novell:opensuse:kernel-debug-devel |
| novell | opensuse | kernel-default | p-cpe:/a:novell:opensuse:kernel-default |
| novell | opensuse | kernel-default-base | p-cpe:/a:novell:opensuse:kernel-default-base |
| novell | opensuse | kernel-default-devel | p-cpe:/a:novell:opensuse:kernel-default-devel |
| novell | opensuse | kernel-desktop | p-cpe:/a:novell:opensuse:kernel-desktop |
| novell | opensuse | kernel-desktop-base | p-cpe:/a:novell:opensuse:kernel-desktop-base |
| novell | opensuse | kernel-desktop-devel | p-cpe:/a:novell:opensuse:kernel-desktop-devel |
| novell | opensuse | kernel-pae | p-cpe:/a:novell:opensuse:kernel-pae |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3904
bugzilla.novell.com/show_bug.cgi?id=409504
bugzilla.novell.com/show_bug.cgi?id=441062
bugzilla.novell.com/show_bug.cgi?id=564324
bugzilla.novell.com/show_bug.cgi?id=646045
bugzilla.novell.com/show_bug.cgi?id=647322
bugzilla.novell.com/show_bug.cgi?id=647392
lists.opensuse.org/opensuse-updates/2010-10/msg00044.html
Related
nessus
nessus
openSUSE Security Update : kernel (openSUSE-SU-2010:0902-1)
2014-06-13 00:00:00
SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3462 / 3463)
2011-01-21 00:00:00
openvas
openvas
SuSE Update for kernel SUSE-SA:2010:053
2010-11-16 00:00:00
SuSE Update for kernel SUSE-SA:2010:053
2010-11-16 00:00:00
Fedora Update for kernel FEDORA-2010-16826
2010-12-02 00:00:00
suse
suse
local privilege escalation in kernel
2010-10-28 16:14:32
local privilege escalation in kernel
2010-11-11 15:47:32
remote denial of service, local privilege in kernel-rt
2011-02-07 11:58:56
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.6-48.fc14
2010-10-28 06:10:03
[SECURITY] Fedora 14 Update: kernel-2.6.35.9-64.fc14
2010-12-05 00:42:46
[SECURITY] Fedora 14 Update: kernel-2.6.35.13-92.fc14
2011-06-11 04:22:38
seebug
seebug
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
2010-10-29 00:00:00
Linux RDS Protocol Local Privilege Escalation
2010-10-26 00:00:00
Linux Kernel <= 2.6.36-rc8 - RDS Protocol Local Privilege Escalation
2014-07-01 00:00:00
prion
prion
Design/Logic Flaw
2010-12-06 20:13:00
Memory corruption
2010-11-26 19:00:00
altlinux
altlinux
cve
cve
CVE-2010-2963
2010-11-26 19:00:00
CVE-2010-3904
2010-12-06 20:13:00
ubuntucve
ubuntucve
CVE-2010-2963
2010-10-19 00:00:00
CVE-2010-3904
2010-10-19 00:00:00
redhat
redhat
(RHSA-2010:0792) Important: kernel security update
2010-10-25 00:00:00
(RHSA-2010:0842) Important: kernel security and bug fix update
2010-11-10 00:00:00
zdt
zdt
Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation Exploit
2018-05-21 00:00:00
Reliable Datagram Sockets (RDS) Privilege Escalation Exploit
2018-05-19 00:00:00
securityvulns
securityvulns
Linux kernel RDS protocol privilege escalation
2010-10-24 00:00:00
VSR Advisories: Linux RDS Protocol Local Privilege Escalation
2010-10-24 00:00:00
centos
centos
kernel security update
2010-10-26 06:38:54
metasploit
metasploit
Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
2019-12-18 20:05:19
Reliable Datagram Sockets (RDS) Privilege Escalation
2018-05-03 12:51:21
exploitpack
exploitpack
Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite
2010-10-28 00:00:00
Linux Kernel 2.6.36-rc8 - RDS Protocol Local Privilege Escalation
2010-10-19 00:00:00
packetstorm
packetstorm
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite
2010-10-29 00:00:00
Reliable Datagram Sockets (RDS) Privilege Escalation
2018-05-19 00:00:00
vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
2019-12-23 00:00:00
oraclelinux
oraclelinux
kernel security update
2010-10-22 00:00:00
kernel security update
2010-10-27 00:00:00
kernel security and bug fix update
2010-11-09 00:00:00
canvas
canvas
Immunity Canvas: LINUX_RDS
2010-12-06 20:13:00
cert
cert
Linux kernel RDS protocol vulnerability
2010-10-25 00:00:00
attackerkb
attackerkb
CVE-2010-3904
2010-12-06 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:50:15
cisa_kev
cisa_kev
Linux Kernel Improper Input Validation Vulnerability
2023-05-12 00:00:00
exploitdb
exploitdb
thn
thn
Two Linux vulnerabilities to get root access
2010-10-30 07:21:00
Warning: Samsung Devices Under Attack! New Security Flaw Exposed
2023-05-20 04:15:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-10-19 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-04-20 00:00:00
Linux kernel vulnerabilities
2011-02-28 00:00:00
debian
debian
[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues
2010-11-27 04:49:43
osv
osv
linux-2.6 - several issues
2010-11-26 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party libraries and ESX Service Console
2011-10-12 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-10-12 00:00:00
Related for SUSE_11_2_KERNEL-101026.NASL