SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)

2008-10-02T00:00:00

Description

This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes : - Added missing capability checks in sbni_ioctl(). (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673) - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. (CVE-2008-3272) - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory. (CVE-2008-3275) - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931) - Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. (CVE-2008-2812)

{"id": "SUSE_KERNEL-5566.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)", "description": "This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.\n (CVE-2008-2812)", "published": "2008-10-02T00:00:00", "modified": "2021-01-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/34331", "reporter": "This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.", "references": ["http://support.novell.com/security/cve/CVE-2008-3272.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2812", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3275", "http://support.novell.com/security/cve/CVE-2008-0598.html", "http://support.novell.com/security/cve/CVE-2008-2931.html", "http://support.novell.com/security/cve/CVE-2008-3275.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1673", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3272", "http://support.novell.com/security/cve/CVE-2008-1673.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2931", "http://support.novell.com/security/cve/CVE-2008-2812.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3525", "http://support.novell.com/security/cve/CVE-2008-3525.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0598"], "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3525"], "immutableFields": [], "lastseen": "2023-05-18T14:46:09", "viewCount": 11, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0508", "CESA-2008:0519", "CESA-2008:0612", "CESA-2008:0885", "CESA-2008:0972", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0014"]}, {"type": "cve", "idList": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3525"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1592-1:BE103", "DEBIAN:DSA-1592-2:CB6D2", "DEBIAN:DSA-1630-1:8E4BC", "DEBIAN:DSA-1636-1:2F315", "DEBIAN:DSA-1653-1:79C02", "DEBIAN:DSA-1655-1:FE487"]}, {"type": "fedora", "idList": ["FEDORA:0A08C10F8CD", "FEDORA:2A46A208DA7", "FEDORA:3F37F208972", "FEDORA:6D5F810F87F", "FEDORA:B7B94208D5F", "FEDORA:EA327208DDB", "FEDORA:M5KJ4HAM015709"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0508.NASL", "CENTOS_RHSA-2008-0519.NASL", "CENTOS_RHSA-2008-0612.NASL", "CENTOS_RHSA-2008-0885.NASL", "CENTOS_RHSA-2008-0972.NASL", "CENTOS_RHSA-2008-0973.NASL", "CENTOS_RHSA-2009-0014.NASL", "DEBIAN_DSA-1592.NASL", "DEBIAN_DSA-1630.NASL", "DEBIAN_DSA-1636.NASL", "DEBIAN_DSA-1653.NASL", "DEBIAN_DSA-1655.NASL", "FEDORA_2008-5308.NASL", "FEDORA_2008-5454.NASL", "FEDORA_2008-8929.NASL", "FEDORA_2008-8980.NASL", "MANDRIVA_MDVSA-2008-113.NASL", "MANDRIVA_MDVSA-2008-223.NASL", "ORACLELINUX_ELSA-2008-0508.NASL", "ORACLELINUX_ELSA-2008-0519.NASL", "ORACLELINUX_ELSA-2008-0612.NASL", "ORACLELINUX_ELSA-2008-0885.NASL", "ORACLELINUX_ELSA-2008-0972.NASL", "ORACLELINUX_ELSA-2008-0973.NASL", "ORACLELINUX_ELSA-2009-0014.NASL", "ORACLEVM_OVMSA-2008-2005.NASL", "ORACLEVM_OVMSA-2008-2006.NASL", "REDHAT-RHSA-2008-0508.NASL", "REDHAT-RHSA-2008-0519.NASL", "REDHAT-RHSA-2008-0612.NASL", "REDHAT-RHSA-2008-0665.NASL", "REDHAT-RHSA-2008-0885.NASL", "REDHAT-RHSA-2008-0972.NASL", "REDHAT-RHSA-2008-0973.NASL", "REDHAT-RHSA-2009-0001.NASL", "REDHAT-RHSA-2009-0014.NASL", "SL_20080625_KERNEL_ON_SL4_X.NASL", "SL_20080625_KERNEL_ON_SL5_X.NASL", "SL_20080804_KERNEL_ON_SL5_X.NASL", "SL_20080924_KERNEL_ON_SL5_X.NASL", "SL_20081119_KERNEL_ON_SL4_X.NASL", "SL_20081216_KERNEL_ON_SL3_X.NASL", "SL_20090114_KERNEL_ON_SL4_X.NASL", "SUSE9_12636.NASL", "SUSE_11_0_KERNEL-080721.NASL", "SUSE_11_0_KERNEL-080822.NASL", "SUSE_11_0_KERNEL-081022.NASL", "SUSE_KERNEL-5473.NASL", "SUSE_KERNEL-5477.NASL", "SUSE_KERNEL-5565.NASL", "SUSE_KERNEL-5605.NASL", "SUSE_KERNEL-5608.NASL", "SUSE_KERNEL-5667.NASL", "SUSE_KERNEL-5668.NASL", "SUSE_KERNEL-5700.NASL", "SUSE_KERNEL-5751.NASL", "SUSE_KERNEL-7059.NASL", "SUSE_KERNEL-7063.NASL", "UBUNTU_USN-625-1.NASL", "UBUNTU_USN-637-1.NASL", "UBUNTU_USN-659-1.NASL", "VMWARE_VMSA-2009-0014.NASL", "VMWARE_VMSA-2009-0014_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122555", "OPENVAS:1361412562310122564", "OPENVAS:1361412562310122573", "OPENVAS:136141256231063097", "OPENVAS:136141256231063132", "OPENVAS:136141256231063191", "OPENVAS:136141256231063245", "OPENVAS:136141256231063250", "OPENVAS:136141256231063290", "OPENVAS:136141256231063344", "OPENVAS:136141256231064077", "OPENVAS:136141256231064296", "OPENVAS:136141256231065175", "OPENVAS:136141256231065876", "OPENVAS:136141256231065914", "OPENVAS:136141256231065920", "OPENVAS:1361412562310830632", "OPENVAS:1361412562310830738", "OPENVAS:1361412562310850140", "OPENVAS:1361412562310870017", "OPENVAS:1361412562310870022", "OPENVAS:1361412562310870042", "OPENVAS:1361412562310870087", "OPENVAS:1361412562310870088", "OPENVAS:1361412562310870138", "OPENVAS:1361412562310880015", "OPENVAS:1361412562310880041", "OPENVAS:1361412562310880043", "OPENVAS:1361412562310880079", "OPENVAS:1361412562310880082", "OPENVAS:1361412562310880111", "OPENVAS:1361412562310880928", "OPENVAS:1361412562310880937", "OPENVAS:61108", "OPENVAS:61109", "OPENVAS:61436", "OPENVAS:61594", "OPENVAS:61775", "OPENVAS:61777", "OPENVAS:63097", "OPENVAS:63132", "OPENVAS:63191", "OPENVAS:63245", "OPENVAS:63250", "OPENVAS:63290", "OPENVAS:63344", "OPENVAS:64077", "OPENVAS:64296", "OPENVAS:65175", "OPENVAS:65876", "OPENVAS:65914", "OPENVAS:65920", "OPENVAS:830632", "OPENVAS:830738", "OPENVAS:840224", "OPENVAS:840264", "OPENVAS:840325", "OPENVAS:850005", "OPENVAS:850008", "OPENVAS:850019", "OPENVAS:850021", "OPENVAS:850035", "OPENVAS:850037", "OPENVAS:850045", "OPENVAS:850140", "OPENVAS:860468", "OPENVAS:860537", "OPENVAS:860557", "OPENVAS:860598", "OPENVAS:860945", "OPENVAS:870017", "OPENVAS:870022", "OPENVAS:870042", "OPENVAS:870087", "OPENVAS:870088", "OPENVAS:870138", "OPENVAS:880015", "OPENVAS:880041", "OPENVAS:880043", "OPENVAS:880079", "OPENVAS:880082", "OPENVAS:880111", "OPENVAS:880928", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0508", "ELSA-2008-0519", "ELSA-2008-0612", "ELSA-2008-0665", "ELSA-2008-0885", "ELSA-2008-0972", "ELSA-2008-0973", "ELSA-2009-0014", "ELSA-2009-0225"]}, {"type": "osv", "idList": ["OSV:DSA-1592-1", "OSV:DSA-1630-1", "OSV:DSA-1636-1", "OSV:DSA-1653-1", "OSV:DSA-1655-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0508", "RHSA-2008:0519", "RHSA-2008:0612", "RHSA-2008:0665", "RHSA-2008:0787", "RHSA-2008:0857", "RHSA-2008:0885", "RHSA-2008:0972", "RHSA-2008:0973", "RHSA-2009:0001", "RHSA-2009:0009", "RHSA-2009:0014"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19991", "SECURITYVULNS:DOC:20387", "SECURITYVULNS:DOC:20515", "SECURITYVULNS:DOC:20702", "SECURITYVULNS:DOC:20734", "SECURITYVULNS:VULN:9065", "SECURITYVULNS:VULN:9235", "SECURITYVULNS:VULN:9285", "SECURITYVULNS:VULN:9357"]}, {"type": "seebug", "idList": ["SSV:3393", "SSV:3495", "SSV:3554", "SSV:3609", "SSV:3801", "SSV:3896", "SSV:3898", "SSV:4138", "SSV:4139"]}, {"type": "suse", "idList": ["SUSE-SA:2008:035", "SUSE-SA:2008:037", "SUSE-SA:2008:038", "SUSE-SA:2008:044", "SUSE-SA:2008:047", "SUSE-SA:2008:048", "SUSE-SA:2008:049", "SUSE-SA:2008:051", "SUSE-SA:2008:052", "SUSE-SA:2008:053", "SUSE-SA:2010:036"]}, {"type": "ubuntu", "idList": ["USN-625-1", "USN-637-1", "USN-659-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-0598", "UB:CVE-2008-1673", "UB:CVE-2008-2812", "UB:CVE-2008-2931", "UB:CVE-2008-3272", "UB:CVE-2008-3275", "UB:CVE-2008-3525"]}, {"type": "veracode", "idList": ["VERACODE:23320", "VERACODE:23387", "VERACODE:23412", "VERACODE:23413", "VERACODE:23414"]}, {"type": "vmware", "idList": ["VMSA-2009-0014", "VMSA-2009-0014.3"]}]}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0508", "CESA-2008:0519", "CESA-2008:0612", "CESA-2008:0885", "CESA-2008:0972", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0014"]}, {"type": "cve", "idList": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3525"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1655-1:FE487"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-ELSA-2008-0519/"]}, {"type": "nessus", "idList": ["FEDORA_2008-5308.NASL", "ORACLELINUX_ELSA-2008-0508.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065920", "OPENVAS:870042"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0508", "ELSA-2008-0519", "ELSA-2008-0612", "ELSA-2008-0665", "ELSA-2008-0885", "ELSA-2008-0972", "ELSA-2008-0973", "ELSA-2009-0014", "ELSA-2009-0225"]}, {"type": "redhat", "idList": ["RHSA-2008:0508", "RHSA-2008:0519", "RHSA-2008:0612", "RHSA-2008:0665", "RHSA-2008:0885", "RHSA-2008:0972", "RHSA-2008:0973", "RHSA-2009:0014"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20387"]}, {"type": "seebug", "idList": ["SSV:3898"]}, {"type": "suse", "idList": ["SUSE-SA:2008:038"]}, {"type": "ubuntu", "idList": ["USN-625-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-3525"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-0598", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-1673", "epss": 0.08927, "percentile": 0.93645, "modified": "2023-05-07"}, {"cve": "CVE-2008-2812", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-2931", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-3272", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-3275", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-3525", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}], "vulnersScore": -0.0}, "_state": {"dependencies": 1684423147, "score": 1684421634, "epss": 0}, "_internal": {"score_hash": "4ada726a59b5592885bfd307b32ed324"}, "pluginID": "34331", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34331);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3525\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel\ncontains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel\n information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and\n SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which\n could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories\n which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not\n verify that the caller has the CAP_SYS_ADMIN capability,\n which allows local users to gain privileges or cause a\n denial of service by modifying the properties of a\n mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to tty op\n functions, which might have been used by local attackers\n to execute code. We think that this affects only devices\n openable by root, so the impact is limited.\n (CVE-2008-2812)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2812.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2931.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5566.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-debug-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.10\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["cpe:/o:suse:suse_linux"], "solution": "Apply ZYPP patch number 5566.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vendor_cvss2": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2008-09-03T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}

{"nessus": [{"lastseen": "2023-05-19T14:18:35", "description": "This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to the tty ops functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.\n (CVE-2008-2812)", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3525"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5608.NASL", "href": "https://www.tenable.com/plugins/nessus/59131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59131);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3525\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel\ncontains lots of bugfixes and several security fixes :\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\n - On AMD64 some string operations could leak kernel\n information into userspace. (CVE-2008-0598)\n\n - Added range checking in ASN.1 handling for the CIFS and\n SNMP NAT netfilter modules. (CVE-2008-1673)\n\n - Fixed range checking in the snd_seq OSS ioctl, which\n could be used to leak information from the kernel.\n (CVE-2008-3272)\n\n - Fixed a memory leak when looking up deleted directories\n which could be used to run the system out of memory.\n (CVE-2008-3275)\n\n - The do_change_type function in fs/namespace.c did not\n verify that the caller has the CAP_SYS_ADMIN capability,\n which allows local users to gain privileges or cause a\n denial of service by modifying the properties of a\n mountpoint. (CVE-2008-2931)\n\n - Various NULL ptr checks have been added to the tty ops\n functions, which might have been used by local attackers\n to execute code. We think that this affects only devices\n openable by root, so the impact is limited.\n (CVE-2008-2812)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2812.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2931.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5608.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:46", "description": "It was discovered that there were multiple NULL pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. (CVE-2008-2812)\n\nThe do_change_type routine did not correctly validation administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. (CVE-2008-2931)\n\nTobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. (CVE-2008-3272)\n\nZoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. (CVE-2008-3275)\n\nIn certain situations, the fix for CVE-2008-0598 from USN-623-1 was causing infinite loops in the writev syscall. This update corrects the mistake. We apologize for the inconvenience.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-08-26T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-637-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.20", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.20", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:7.04", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-637-1.NASL", "href": "https://www.tenable.com/plugins/nessus/34048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-637-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34048);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(30076, 30126, 30559, 30647);\n script_xref(name:\"USN\", value:\"637-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-637-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there were multiple NULL pointer function\ndereferences in the Linux kernel terminal handling code. A local\nattacker could exploit this to execute arbitrary code as root, or\ncrash the system, leading to a denial of service. (CVE-2008-2812)\n\nThe do_change_type routine did not correctly validation administrative\nusers. A local attacker could exploit this to block mount points or\ncause private mounts to be shared, leading to denial of service or a\npossible loss of privacy. (CVE-2008-2931)\n\nTobias Klein discovered that the OSS interface through ALSA did not\ncorrectly validate the device number. A local attacker could exploit\nthis to access sensitive kernel memory, leading to a denial of service\nor a loss of privacy. (CVE-2008-3272)\n\nZoltan Sogor discovered that new directory entries could be added to\nalready deleted directories. A local attacker could exploit this,\nfilling up available memory and disk space, leading to a denial of\nservice. (CVE-2008-3275)\n\nIn certain situations, the fix for CVE-2008-0598 from USN-623-1 was\ncausing infinite loops in the writev syscall. This update corrects the\nmistake. We apologize for the inconvenience.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/637-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2021 Canonical, Inc. / NASL script (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|7\\.04|7\\.10|8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 7.04 / 7.10 / 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-0598\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-637-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-386\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-686\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-generic\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-k8\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-amd64-xeon\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-52-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-386\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-686\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-generic\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-k8\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-amd64-xeon\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-52-server\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-52.71\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-doc-2.6.20\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-386\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-generic\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-lowlatency\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-headers-2.6.20-17-server\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-386\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-generic\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-lowlatency\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-2.6.20-17-server\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-386\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-generic\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-lowlatency\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-image-debug-2.6.20-17-server\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"linux-source-2.6.20\", pkgver:\"2.6.20-17.39\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-386\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-generic\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-rt\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-server\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-ume\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-virtual\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-15-xen\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-386\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-cell\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-generic\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-lpia\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-lpiacompat\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-rt\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-server\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-ume\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-virtual\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-15-xen\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-386\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-generic\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-server\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-15-virtual\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-15.58\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-386\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-generic\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-openvz\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-rt\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-server\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-virtual\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-19-xen\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-386\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-generic\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-lpia\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-lpiacompat\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-openvz\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-rt\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-server\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-virtual\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-19-xen\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-386\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-generic\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-server\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-19-virtual\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-19.41\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-19.41\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.20 / linux-doc-2.6.22 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:32", "description": "This kernel security update fixes lots of bugs and some", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5605)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5605.NASL", "href": "https://www.tenable.com/plugins/nessus/59130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59130);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5605)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"This kernel security update fixes lots of bugs and some\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5605.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.30\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.30\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:53", "description": "This kernel security update fixes lots of bugs and some", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1673", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5565.NASL", "href": "https://www.tenable.com/plugins/nessus/41534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41534);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5565)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"This kernel security update fixes lots of bugs and some\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3272.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5565.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.29\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.29\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:34", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-6282 Dirk Nehring discovered a vulnerability in the IPsec code that allows remote users to cause a denial of service by sending a specially crafted ESP packet.\n\n - CVE-2008-0598 Tavis Ormandy discovered a vulnerability that allows local users to access uninitialized kernel memory, possibly leaking sensitive data. This issue is specific to the amd64-flavour kernel images.\n\n - CVE-2008-2729 Andi Kleen discovered an issue where uninitialized kernel memory was being leaked to userspace during an exception. This issue may allow local users to gain access to sensitive data. Only the amd64-flavour Debian kernel images are affected.\n\n - CVE-2008-2812 Alan Cox discovered an issue in multiple tty drivers that allows local users to trigger a denial of service (NULL pointer dereference) and possibly obtain elevated privileges.\n\n - CVE-2008-2826 Gabriel Campana discovered an integer overflow in the sctp code that can be exploited by local users to cause a denial of service.\n\n - CVE-2008-2931 Miklos Szeredi reported a missing privilege check in the do_change_type() function. This allows local, unprivileged users to change the properties of mount points.\n\n - CVE-2008-3272 Tobias Klein reported a locally exploitable data leak in the snd_seq_oss_synth_make_info() function. This may allow local users to gain access to sensitive information.\n\n - CVE-2008-3275 Zoltan Sogor discovered a coding error in the VFS that allows local users to exploit a kernel memory leak resulting in a denial of service.", "cvss3": {}, "published": "2008-08-24T00:00:00", "type": "nessus", "title": "Debian DSA-1630-1 : linux-2.6 - denial of service/information leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6282", "CVE-2008-0598", "CVE-2008-2729", "CVE-2008-2812", "CVE-2008-2826", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1630.NASL", "href": "https://www.tenable.com/plugins/nessus/34032", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1630. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34032);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6282\", \"CVE-2008-0598\", \"CVE-2008-2729\", \"CVE-2008-2812\", \"CVE-2008-2826\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(29081, 29942, 30076, 30126, 30559, 30647);\n script_xref(name:\"DSA\", value:\"1630\");\n\n script_name(english:\"Debian DSA-1630-1 : linux-2.6 - denial of service/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or arbitrary code execution. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2007-6282\n Dirk Nehring discovered a vulnerability in the IPsec\n code that allows remote users to cause a denial of\n service by sending a specially crafted ESP packet.\n\n - CVE-2008-0598\n Tavis Ormandy discovered a vulnerability that allows\n local users to access uninitialized kernel memory,\n possibly leaking sensitive data. This issue is specific\n to the amd64-flavour kernel images.\n\n - CVE-2008-2729\n Andi Kleen discovered an issue where uninitialized\n kernel memory was being leaked to userspace during an\n exception. This issue may allow local users to gain\n access to sensitive data. Only the amd64-flavour Debian\n kernel images are affected.\n\n - CVE-2008-2812\n Alan Cox discovered an issue in multiple tty drivers\n that allows local users to trigger a denial of service\n (NULL pointer dereference) and possibly obtain elevated\n privileges.\n\n - CVE-2008-2826\n Gabriel Campana discovered an integer overflow in the\n sctp code that can be exploited by local users to cause\n a denial of service.\n\n - CVE-2008-2931\n Miklos Szeredi reported a missing privilege check in the\n do_change_type() function. This allows local,\n unprivileged users to change the properties of mount\n points.\n\n - CVE-2008-3272\n Tobias Klein reported a locally exploitable data leak in\n the snd_seq_oss_synth_make_info() function. This may\n allow local users to gain access to sensitive\n information.\n\n - CVE-2008-3275\n Zoltan Sogor discovered a coding error in the VFS that\n allows local users to exploit a kernel memory leak\n resulting in a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1630\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-22etch2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 20, 189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-22etch2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:17:25", "description": "The openSUSE 11.0 kernel was updated to 2.6.25.16.\n\nIt fixes various stability bugs and also security bugs.\n\nCVE-2008-1673: Fixed the range checking in the ASN.1 decoder in NAT for SNMP and CIFS, which could have been used by a remote attacker to crash the machine.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim's machine remotely.\n\nCVE-2008-3272: The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.\n\nCVE-2008-3275: The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ('overflow' of the UBIFS orphan area) via a series of attempted file creations within deleted directories.\n\nAlso lots of bugs were fixed.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-171)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1673", "CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3276"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-rt_debug", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-080822.NASL", "href": "https://www.tenable.com/plugins/nessus/40009", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-171.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40009);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3276\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-171)\");\n script_summary(english:\"Check for the kernel-171 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 11.0 kernel was updated to 2.6.25.16.\n\nIt fixes various stability bugs and also security bugs.\n\nCVE-2008-1673: Fixed the range checking in the ASN.1 decoder in NAT\nfor SNMP and CIFS, which could have been used by a remote attacker to\ncrash the machine.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel\ndccp_setsockopt_change() function. An attacker may leverage this\nvulnerability to trigger a kernel panic on a victim's machine\nremotely.\n\nCVE-2008-3272: The snd_seq_oss_synth_make_info function in\nsound/core/seq/oss/seq_oss_synth.c in the sound subsystem does not\nverify that the device number is within the range defined by\nmax_synthdev before returning certain data to the caller, which allows\nlocal users to obtain sensitive information.\n\nCVE-2008-3275: The (1) real_lookup and (2) __lookup_hash functions in\nfs/namei.c in the vfs implementation do not prevent creation of a\nchild dentry for a deleted (aka S_DEAD) directory, which allows local\nusers to cause a denial of service ('overflow' of the UBIFS orphan\narea) via a series of attempted file creations within deleted\ndirectories.\n\nAlso lots of bugs were fixed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=216857\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=374099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=394667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=400815\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=400874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=404892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=406637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=407689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=412823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=415690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=417505\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt_debug-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.16-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.16-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:25:43", "description": "From Red Hat Security Advisory 2008:0973 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 : kernel (ELSA-2008-0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-boot", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-unsupported", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-unsupported", "p-cpe:/a:oracle:linux:kernel-source", "p-cpe:/a:oracle:linux:kernel-unsupported", "cpe:/o:oracle:linux:3"], "id": "ORACLELINUX_ELSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/67763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0973 and \n# Oracle Linux Security Advisory ELSA-2008-0973 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67763);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"Oracle Linux 3 : kernel (ELSA-2008-0973)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0973 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated\nkernel which addresses these vulnerabilities and fixes these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-December/000840.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0973\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.4\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-BOOT-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-doc-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-source-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-source-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-unsupported-2.4.21-58.0.0.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:47:10", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2008-12-17T00:00:00", "type": "nessus", "title": "CentOS 3 : kernel (CESA-2008:0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-unsupported", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-unsupported", "p-cpe:/a:centos:centos:kernel-source", "p-cpe:/a:centos:centos:kernel-unsupported", "cpe:/o:centos:centos:3", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-boot"], "id": "CENTOS_RHSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/35186", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0973 and \n# CentOS Errata and Security Advisory 2008:0973 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35186);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"CentOS 3 : kernel (CESA-2008:0973)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated\nkernel which addresses these vulnerabilities and fixes these bugs.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015501.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d254e94\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-December/015502.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7e5400ed\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015578.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20f73922\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-doc-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-source-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-unsupported-2.4.21-58.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:46:58", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated kernel which addresses these vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2008-12-17T00:00:00", "type": "nessus", "title": "RHEL 3 : kernel (RHSA-2008:0973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-boot", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-unsupported", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2008-0973.NASL", "href": "https://www.tenable.com/plugins/nessus/35190", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0973. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35190);\n script_version(\"1.35\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(26605, 29235, 29942, 30076, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2008:0973\");\n\n script_name(english:\"RHEL 3 : kernel (RHSA-2008:0973)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to\nprepare and run a specially crafted binary which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local user to bypass intended capability restrictions.\n(CVE-2008-3525, Important)\n\n* the do_truncate() and generic_file_splice_write() functions did not\nclear the setuid and setgid bits. This could allow a local,\nunprivileged user to obtain access to privileged information.\n(CVE-2008-4210, Important)\n\n* a buffer overflow flaw was found in Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2007-6063, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n* the incorrect kunmap function was used in nfs_xdr_readlinkres.\nkunmap() was used where kunmap_atomic() should have been. As a\nconsequence, if an NFSv2 or NFSv3 server exported a volume containing\na symlink which included a path equal to or longer than the local\nsystem's PATH_MAX, accessing the link caused a kernel oops. This has\nbeen corrected in this update.\n\n* mptctl_gettargetinfo did not check if pIoc3 was NULL before using it\nas a pointer. This caused a kernel panic in mptctl_gettargetinfo in\nsome circumstances. A check has been added which prevents this.\n\n* lost tick compensation code in the timer interrupt routine triggered\nwithout apparent cause. When running as a fully-virtualized client,\nthis spurious triggering caused the 64-bit version of Red Hat\nEnterprise Linux 3 to present highly inaccurate times. With this\nupdate the lost tick compensation code is turned off when the\noperating system is running as a fully-virtualized client under Xen or\nVMware(r).\n\nAll Red Hat Enterprise Linux 3 users should install this updated\nkernel which addresses these vulnerabilities and fixes these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0973\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0973\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0973\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-doc-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-unsupported-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-source-2.4.21-58.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-unsupported-2.4.21-58.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:32", "description": "This update addresses the following security issues :\n\n - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n - missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important)\n\n - the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important)\n\n - a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service.\n (CVE-2007-6063, Moderate)\n\n - multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\n - a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n - the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system's PATH_MAX, accessing the link caused a kernel oops. This has been corrected in this update.\n\n - mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a pointer. This caused a kernel panic in mptctl_gettargetinfo in some circumstances. A check has been added which prevents this.\n\n - lost tick compensation code in the timer interrupt routine triggered without apparent cause. When running as a fully-virtualized client, this spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3 to present highly inaccurate times. With this update the lost tick compensation code is turned off when the operating system is running as a fully-virtualized client under Xen or VMware®.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL3.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6063", "CVE-2008-0598", "CVE-2008-2136", "CVE-2008-2812", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20081216_KERNEL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60507);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6063\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - Tavis Ormandy discovered a deficiency in the Linux\n kernel 32-bit and 64-bit emulation. This could allow a\n local, unprivileged user to prepare and run a specially\n crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - a possible kernel memory leak was found in the Linux\n kernel Simple Internet Transition (SIT) INET6\n implementation. This could allow a local, unprivileged\n user to cause a denial of service. (CVE-2008-2136,\n Important)\n\n - missing capability checks were found in the SBNI WAN\n driver which could allow a local user to bypass intended\n capability restrictions. (CVE-2008-3525, Important)\n\n - the do_truncate() and generic_file_splice_write()\n functions did not clear the setuid and setgid bits. This\n could allow a local, unprivileged user to obtain access\n to privileged information. (CVE-2008-4210, Important)\n\n - a buffer overflow flaw was found in Integrated Services\n Digital Network (ISDN) subsystem. A local, unprivileged\n user could use this flaw to cause a denial of service.\n (CVE-2007-6063, Moderate)\n\n - multiple NULL pointer dereferences were found in various\n Linux kernel network drivers. These drivers were missing\n checks for terminal validity, which could allow\n privilege escalation. (CVE-2008-2812, Moderate)\n\n - a deficiency was found in the Linux kernel virtual\n filesystem (VFS) implementation. This could allow a\n local, unprivileged user to attempt file creation within\n deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\nThis update also fixes the following bugs :\n\n - the incorrect kunmap function was used in\n nfs_xdr_readlinkres. kunmap() was used where\n kunmap_atomic() should have been. As a consequence, if\n an NFSv2 or NFSv3 server exported a volume containing a\n symlink which included a path equal to or longer than\n the local system's PATH_MAX, accessing the link caused a\n kernel oops. This has been corrected in this update.\n\n - mptctl_gettargetinfo did not check if pIoc3 was NULL\n before using it as a pointer. This caused a kernel panic\n in mptctl_gettargetinfo in some circumstances. A check\n has been added which prevents this.\n\n - lost tick compensation code in the timer interrupt\n routine triggered without apparent cause. When running\n as a fully-virtualized client, this spurious triggering\n caused the 64-bit version of Red Hat Enterprise Linux 3\n to present highly inaccurate times. With this update the\n lost tick compensation code is turned off when the\n operating system is running as a fully-virtualized\n client under Xen or VMware®.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0812&L=scientific-linux-errata&T=0&P=1505\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6f8ef2e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"kernel-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-doc-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-unsupported-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-source-2.4.21-58.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-unsupported-2.4.21-58.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T15:23:08", "description": "From Red Hat Security Advisory 2008:0885 :\n\nUpdated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n* the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2008-0885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-0885.NASL", "href": "https://www.tenable.com/plugins/nessus/67747", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0885 and \n# Oracle Linux Security Advisory ELSA-2008-0885 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67747);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30647, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0885\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-0885)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0885 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel\ndo_change_type routine. This could allow a local unprivileged user to\ngain privileged access or cause a denial of service. (CVE-2008-2931,\nImportant)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This\ncould allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This\ncould allow a local unprivileged user to read sensitive information\nfrom the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was\nreceived in to a new, smaller skb, all fields in the new skb were not\ninitialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array,\ncausing memory corruption on certain systems, resulting in hypervisor\ncrashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after\n24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from\nunder the SGI Altix XPMEM driver, causing silent data corruption in\nthe kernel.\n\n* the ixgbe driver is untested, but support was advertised for the\nIntel 82598 network card. If this card was present when the ixgbe\ndriver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs\nsimultaneously fell into an error state, an overrun may have occurred,\nstopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an\ninterface to the forwarding state was delayed by one or possibly two\ntimers, depending on whether STP was enabled. This may have caused\nlong delays in moving an interface to the forwarding state. This issue\ncaused packet loss when migrating virtual machines, preventing them\nfrom being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in\nreverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data\nfiles via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have\ncaused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were\nlogged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer\ndereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows\nguests may have caused Dom0 to crash, due to the\n'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on\nHVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when\ndevices were removed or changed while being iterated through. Correct\nlocking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the\nIntel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter\nbefore checking it was valid. This may have caused a kernel panic when\nexiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-September/000742.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0885\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-92.1.13.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-92.1.13.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T14:35:10", "description": "Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n* the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2008:0885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0885.NASL", "href": "https://www.tenable.com/plugins/nessus/43710", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0885 and \n# CentOS Errata and Security Advisory 2008:0885 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43710);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30647, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0885\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:0885)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel\ndo_change_type routine. This could allow a local unprivileged user to\ngain privileged access or cause a denial of service. (CVE-2008-2931,\nImportant)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This\ncould allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This\ncould allow a local unprivileged user to read sensitive information\nfrom the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was\nreceived in to a new, smaller skb, all fields in the new skb were not\ninitialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array,\ncausing memory corruption on certain systems, resulting in hypervisor\ncrashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after\n24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from\nunder the SGI Altix XPMEM driver, causing silent data corruption in\nthe kernel.\n\n* the ixgbe driver is untested, but support was advertised for the\nIntel 82598 network card. If this card was present when the ixgbe\ndriver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs\nsimultaneously fell into an error state, an overrun may have occurred,\nstopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an\ninterface to the forwarding state was delayed by one or possibly two\ntimers, depending on whether STP was enabled. This may have caused\nlong delays in moving an interface to the forwarding state. This issue\ncaused packet loss when migrating virtual machines, preventing them\nfrom being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in\nreverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data\nfiles via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have\ncaused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were\nlogged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer\ndereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows\nguests may have caused Dom0 to crash, due to the\n'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on\nHVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when\ndevices were removed or changed while being iterated through. Correct\nlocking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the\nIntel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter\nbefore checking it was valid. This may have caused a kernel panic when\nexiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-September/015273.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d39467ab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-September/015274.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?979197fc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T14:51:48", "description": "Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n* the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-09-25T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2008:0885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0885.NASL", "href": "https://www.tenable.com/plugins/nessus/34288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0885. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34288);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30647, 31515);\n script_xref(name:\"RHSA\", value:\"2008:0885\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:0885)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a missing capability check was found in the Linux kernel\ndo_change_type routine. This could allow a local unprivileged user to\ngain privileged access or cause a denial of service. (CVE-2008-2931,\nImportant)\n\n* a flaw was found in the Linux kernel Direct-IO implementation. This\ncould allow a local unprivileged user to cause a denial of service.\n(CVE-2007-6716, Important)\n\n* Tobias Klein reported a missing check in the Linux kernel Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\n* a deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\n* a flaw was found in the Linux kernel tmpfs implementation. This\ncould allow a local unprivileged user to read sensitive information\nfrom the kernel. (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n* when copying a small IPoIB packet from the original skb it was\nreceived in to a new, smaller skb, all fields in the new skb were not\ninitialized. This may have caused a kernel oops.\n\n* previously, data may have been written beyond the end of an array,\ncausing memory corruption on certain systems, resulting in hypervisor\ncrashes during context switching.\n\n* a kernel crash may have occurred on heavily-used Samba servers after\n24 to 48 hours of use.\n\n* under heavy memory pressure, pages may have been swapped out from\nunder the SGI Altix XPMEM driver, causing silent data corruption in\nthe kernel.\n\n* the ixgbe driver is untested, but support was advertised for the\nIntel 82598 network card. If this card was present when the ixgbe\ndriver was loaded, a NULL pointer dereference and a panic occurred.\n\n* on certain systems, if multiple InfiniBand queue pairs\nsimultaneously fell into an error state, an overrun may have occurred,\nstopping traffic.\n\n* with bridging, when forward delay was set to zero, setting an\ninterface to the forwarding state was delayed by one or possibly two\ntimers, depending on whether STP was enabled. This may have caused\nlong delays in moving an interface to the forwarding state. This issue\ncaused packet loss when migrating virtual machines, preventing them\nfrom being migrated without interrupting applications.\n\n* on certain multinode systems, IPMI device nodes were created in\nreverse order of where they physically resided.\n\n* process hangs may have occurred while accessing application data\nfiles via asynchronous direct I/O system calls.\n\n* on systems with heavy lock traffic, a possible deadlock may have\ncaused anything requiring locks over NFS to stop, or be very slow.\nErrors such as 'lockd: server [IP] not responding, timed out' were\nlogged on client systems.\n\n* unexpected removals of USB devices may have caused a NULL pointer\ndereference in kobject_get_path.\n\n* on Itanium-based systems, repeatedly creating and destroying Windows\nguests may have caused Dom0 to crash, due to the\n'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on\nHVM, being SMP-unsafe.\n\n* when using an MD software RAID, crashes may have occurred when\ndevices were removed or changed while being iterated through. Correct\nlocking is now used.\n\n* break requests had no effect when using 'Serial Over Lan' with the\nIntel 82571 network card. This issue may have caused log in problems.\n\n* on Itanium-based systems, module_free() referred the first parameter\nbefore checking it was valid. This may have caused a kernel panic when\nexiting SystemTap.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0885\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0885\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0885\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:05:32", "description": "Security fixes :\n\n - a missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service. (CVE-2008-2931, Important)\n\n - a flaw was found in the Linux kernel Direct-IO implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2007-6716, Important)\n\n - Tobias Klein reported a missing check in the Linux kernel Open Sound System (OSS) implementation. This deficiency could lead to a possible information leak.\n (CVE-2008-3272, Moderate)\n\n - a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\n - a flaw was found in the Linux kernel tmpfs implementation. This could allow a local unprivileged user to read sensitive information from the kernel.\n (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n - when copying a small IPoIB packet from the original skb it was received in to a new, smaller skb, all fields in the new skb were not initialized. This may have caused a kernel oops.\n\n - previously, data may have been written beyond the end of an array, causing memory corruption on certain systems, resulting in hypervisor crashes during context switching.\n\n - a kernel crash may have occurred on heavily-used Samba servers after 24 to 48 hours of use.\n\n - under heavy memory pressure, pages may have been swapped out from under the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n\n - the ixgbe driver is untested, but support was advertised for the Intel 82598 network card. If this card was present when the ixgbe driver was loaded, a NULL pointer dereference and a panic occurred.\n\n - on certain systems, if multiple InfiniBand queue pairs simultaneously fell into an error state, an overrun may have occurred, stopping traffic.\n\n - with bridging, when forward delay was set to zero, setting an interface to the forwarding state was delayed by one or possibly two timers, depending on whether STP was enabled. This may have caused long delays in moving an interface to the forwarding state. This issue caused packet loss when migrating virtual machines, preventing them from being migrated without interrupting applications.\n\n - on certain multinode systems, IPMI device nodes were created in reverse order of where they physically resided.\n\n - process hangs may have occurred while accessing application data files via asynchronous direct I/O system calls.\n\n - on systems with heavy lock traffic, a possible deadlock may have caused anything requiring locks over NFS to stop, or be very slow. Errors such as 'lockd: server [IP] not responding, timed out' were logged on client systems.\n\n - unexpected removals of USB devices may have caused a NULL pointer dereference in kobject_get_path.\n\n - on Itanium-based systems, repeatedly creating and destroying Windows guests may have caused Dom0 to crash, due to the 'XENMEM_add_to_physmap' hypercall, used by para-virtualized drivers on HVM, being SMP-unsafe.\n\n - when using an MD software RAID, crashes may have occurred when devices were removed or changed while being iterated through. Correct locking is now used.\n\n - break requests had no effect when using 'Serial Over Lan' with the Intel 82571 network card. This issue may have caused log in problems.\n\n - on Itanium-based systems, module_free() referred the first parameter before checking it was valid. This may have caused a kernel panic when exiting SystemTap.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080924_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60477", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60477);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes :\n\n - a missing capability check was found in the Linux kernel\n do_change_type routine. This could allow a local\n unprivileged user to gain privileged access or cause a\n denial of service. (CVE-2008-2931, Important)\n\n - a flaw was found in the Linux kernel Direct-IO\n implementation. This could allow a local unprivileged\n user to cause a denial of service. (CVE-2007-6716,\n Important)\n\n - Tobias Klein reported a missing check in the Linux\n kernel Open Sound System (OSS) implementation. This\n deficiency could lead to a possible information leak.\n (CVE-2008-3272, Moderate)\n\n - a deficiency was found in the Linux kernel virtual\n filesystem (VFS) implementation. This could allow a\n local unprivileged user to attempt file creation within\n deleted directories, possibly causing a denial of\n service. (CVE-2008-3275, Moderate)\n\n - a flaw was found in the Linux kernel tmpfs\n implementation. This could allow a local unprivileged\n user to read sensitive information from the kernel.\n (CVE-2007-6417, Moderate)\n\nBug fixes :\n\n - when copying a small IPoIB packet from the original skb\n it was received in to a new, smaller skb, all fields in\n the new skb were not initialized. This may have caused a\n kernel oops.\n\n - previously, data may have been written beyond the end of\n an array, causing memory corruption on certain systems,\n resulting in hypervisor crashes during context\n switching.\n\n - a kernel crash may have occurred on heavily-used Samba\n servers after 24 to 48 hours of use.\n\n - under heavy memory pressure, pages may have been swapped\n out from under the SGI Altix XPMEM driver, causing\n silent data corruption in the kernel.\n\n - the ixgbe driver is untested, but support was advertised\n for the Intel 82598 network card. If this card was\n present when the ixgbe driver was loaded, a NULL pointer\n dereference and a panic occurred.\n\n - on certain systems, if multiple InfiniBand queue pairs\n simultaneously fell into an error state, an overrun may\n have occurred, stopping traffic.\n\n - with bridging, when forward delay was set to zero,\n setting an interface to the forwarding state was delayed\n by one or possibly two timers, depending on whether STP\n was enabled. This may have caused long delays in moving\n an interface to the forwarding state. This issue caused\n packet loss when migrating virtual machines, preventing\n them from being migrated without interrupting\n applications.\n\n - on certain multinode systems, IPMI device nodes were\n created in reverse order of where they physically\n resided.\n\n - process hangs may have occurred while accessing\n application data files via asynchronous direct I/O\n system calls.\n\n - on systems with heavy lock traffic, a possible deadlock\n may have caused anything requiring locks over NFS to\n stop, or be very slow. Errors such as 'lockd: server\n [IP] not responding, timed out' were logged on client\n systems.\n\n - unexpected removals of USB devices may have caused a\n NULL pointer dereference in kobject_get_path.\n\n - on Itanium-based systems, repeatedly creating and\n destroying Windows guests may have caused Dom0 to crash,\n due to the 'XENMEM_add_to_physmap' hypercall, used by\n para-virtualized drivers on HVM, being SMP-unsafe.\n\n - when using an MD software RAID, crashes may have\n occurred when devices were removed or changed while\n being iterated through. Correct locking is now used.\n\n - break requests had no effect when using 'Serial Over\n Lan' with the Intel 82571 network card. This issue may\n have caused log in problems.\n\n - on Itanium-based systems, module_free() referred the\n first parameter before checking it was valid. This may\n have caused a kernel panic when exiting SystemTap.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0809&L=scientific-linux-errata&T=0&P=805\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92d7044b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-92.1.13.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-92.1.13.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-16T15:07:53", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - CVE-2008-2931: missing check before setting mount propagation\n\n - CVE-2007-6716: dio: use kzalloc to zero out struct dio\n\n - CVE-2008-3272: snd_seq_oss_synth_make_info leak\n\n - CVE-2008-3275: vfs: fix lookup on deleted directory\n\n - CVE-2007-6417: tmpfs: restore missing clear_highpage", "cvss3": {}, "published": "2014-11-26T00:00:00", "type": "nessus", "title": "OracleVM 2.1 : kernel (OVMSA-2008-2006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2007-6716", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3275"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-boot", "p-cpe:/a:oracle:vm:kernel-boot-devel", "p-cpe:/a:oracle:vm:kernel-kdump", "p-cpe:/a:oracle:vm:kernel-kdump-devel", "p-cpe:/a:oracle:vm:kernel-ovs", "p-cpe:/a:oracle:vm:kernel-ovs-devel", "cpe:/o:oracle:vm_server:2.1"], "id": "ORACLEVM_OVMSA-2008-2006.NASL", "href": "https://www.tenable.com/plugins/nessus/79448", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2008-2006.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79448);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_bugtraq_id(27694, 30126, 30559, 30647, 31515);\n\n script_name(english:\"OracleVM 2.1 : kernel (OVMSA-2008-2006)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - CVE-2008-2931: missing check before setting mount\n propagation\n\n - CVE-2007-6716: dio: use kzalloc to zero out struct dio\n\n - CVE-2008-3272: snd_seq_oss_synth_make_info leak\n\n - CVE-2008-3275: vfs: fix lookup on deleted directory\n\n - CVE-2007-6417: tmpfs: restore missing clear_highpage\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2008-September/000004.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b54f55b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.1\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.1\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-devel-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-devel-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-2.6.18-8.1.15.1.20.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-devel-2.6.18-8.1.15.1.20.el5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-BOOT / kernel-BOOT-devel / kernel-kdump / kernel-kdump-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:46:43", "description": "This kernel update fixes various bugs and also several security issues :\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service (crash) attack.\n\nCVE-2008-3833: The generic_file_splice_write function in fs/splice.c in the Linux kernel does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory.\n\nCVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.\n\nCVE-2008-4302: fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n\nCVE-2008-2931: The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules.\n\nCVE-2008-3527: arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 did not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.", "cvss3": {}, "published": "2008-11-12T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-5751)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2931", "CVE-2008-3272", "CVE-2008-3525", "CVE-2008-3527", "CVE-2008-3528", "CVE-2008-3833", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-kdump", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.2"], "id": "SUSE_KERNEL-5751.NASL", "href": "https://www.tenable.com/plugins/nessus/34755", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5751.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34755);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3525\", \"CVE-2008-3527\", \"CVE-2008-3528\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\", \"CVE-2008-4576\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5751)\");\n script_summary(english:\"Check for the kernel-5751 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update fixes various bugs and also several security \nissues :\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between\nSCTP AUTH availability. This might be exploited remotely for a denial\nof service (crash) attack.\n\nCVE-2008-3833: The generic_file_splice_write function in fs/splice.c\nin the Linux kernel does not properly strip setuid and setgid bits\nwhen there is a write to a file, which allows local users to gain the\nprivileges of a different group, and obtain sensitive information or\npossibly have unspecified other impact, by splicing into an inode in\norder to create an executable file in a setgid directory.\n\nCVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not\nproperly strip setuid and setgid bits when there is a write to a file,\nwhich allows local users to gain the privileges of a different group,\nand obtain sensitive information or possibly have unspecified other\nimpact, by creating an executable file in a setgid directory through\nthe (1) truncate or (2) ftruncate function in conjunction with\nmemory-mapped I/O.\n\nCVE-2008-4302: fs/splice.c in the splice subsystem in the Linux kernel\nbefore 2.6.22.2 does not properly handle a failure of the\nadd_to_page_cache_lru function, and subsequently attempts to unlock a\npage that was not locked, which allows local users to cause a denial\nof service (kernel BUG and system crash), as demonstrated by the fio\nI/O tool.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle\ncorrupted data structures. With a mounted filesystem image or\npartition that have corrupted dir->i_size and dir->i_blocks, a user\nperforming either a read or write operation on the mounted image or\npartition can lead to a possible denial of service by spamming the\nlogfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\ndid not properly zero out the dio struct, which allows local users to\ncause a denial of service (OOPS), as demonstrated by a certain fio\ntest.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which\ncould be used to leak information from the kernel.\n\nCVE-2008-2931: The do_change_type function in fs/namespace.c did not\nverify that the caller has the CAP_SYS_ADMIN capability, which allows\nlocal users to gain privileges or cause a denial of service by\nmodifying the properties of a mountpoint.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op\nfunctions, which might have been used by local attackers to execute\ncode. We think that this affects only devices openable by root, so the\nimpact is limited.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and\nSNMP NAT netfilter modules.\n\nCVE-2008-3527: arch/i386/kernel/sysenter.c in the Virtual Dynamic\nShared Objects (vDSO) implementation in the Linux kernel before 2.6.21\ndid not properly check boundaries, which allows local users to gain\nprivileges or cause a denial of service via unspecified vectors,\nrelated to the install_special_mapping, syscall, and syscall32_nopage\nfunctions.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 287, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-bigsmp-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-default-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-kdump-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-source-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-syms-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-xen-2.6.18.8-0.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kernel-xenpae-2.6.18.8-0.13\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-default / kernel-kdump / kernel-source / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:46:11", "description": "The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes.\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service (crash) attack.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim's machine remotely.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules.\n\nCVE-2008-2826: A integer overflow in SCTP was fixed, which might have been used by remote attackers to crash the machine or potentially execute code.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited.", "cvss3": {}, "published": "2008-10-21T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-5700)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1673", "CVE-2008-2812", "CVE-2008-2826", "CVE-2008-3272", "CVE-2008-3276", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4576"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_KERNEL-5700.NASL", "href": "https://www.tenable.com/plugins/nessus/34457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-5700.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34457);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2826\", \"CVE-2008-3272\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4576\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-5700)\");\n script_summary(english:\"Check for the kernel-5700 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs\nand security fixes.\n\nCVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between\nSCTP AUTH availability. This might be exploited remotely for a denial\nof service (crash) attack.\n\nCVE-2008-3528: The ext[234] filesystem code fails to properly handle\ncorrupted data structures. With a mounted filesystem image or\npartition that have corrupted dir->i_size and dir->i_blocks, a user\nperforming either a read or write operation on the mounted image or\npartition can lead to a possible denial of service by spamming the\nlogfile.\n\nCVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\ndid not properly zero out the dio struct, which allows local users to\ncause a denial of service (OOPS), as demonstrated by a certain fio\ntest.\n\nCVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\nCVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which\ncould be used to leak information from the kernel.\n\nCVE-2008-3276: An integer overflow flaw was found in the Linux kernel\ndccp_setsockopt_change() function. An attacker may leverage this\nvulnerability to trigger a kernel panic on a victim's machine\nremotely.\n\nCVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and\nSNMP NAT netfilter modules.\n\nCVE-2008-2826: A integer overflow in SCTP was fixed, which might have\nbeen used by remote attackers to crash the machine or potentially\nexecute code.\n\nCVE-2008-2812: Various NULL ptr checks have been added to tty op\nfunctions, which might have been used by local attackers to execute\ncode. We think that this affects only devices openable by root, so the\nimpact is limited.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 189, 264, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:54", "description": "This is a respin of the previous kernel update, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally.\n\nThis kernel update fixes the following security problems :\n\n - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615)\n\n - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669)\n\n - Fixed a resource starvation problem in the handling of ZERO mmap pages. (CVE-2008-2372)\n\n - The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.\n (CVE-2008-1673)\n\n - Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though. (CVE-2008-2812)\n\n - A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory. (CVE-2008-2931)\n\nAdditionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages.\n\nOCFS2 has been upgraded to the 1.4.1 release :\n\n - Endian fixes\n\n - Use slab caches for DLM objects\n\n - Export DLM state info to debugfs\n\n - Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes\n\n - Error handling fix in ocfs2_start_walk_page_trans()\n\n - Cleanup lockres printing\n\n - Allow merging of extents\n\n - Fix to allow changing permissions of symlinks\n\n - Merged local fixes upstream (no code change)", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5473)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1615", "CVE-2008-1669", "CVE-2008-1673", "CVE-2008-2372", "CVE-2008-2812", "CVE-2008-2931"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5473.NASL", "href": "https://www.tenable.com/plugins/nessus/41533", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41533);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1615\", \"CVE-2008-1669\", \"CVE-2008-1673\", \"CVE-2008-2372\", \"CVE-2008-2812\", \"CVE-2008-2931\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5473)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a respin of the previous kernel update, which got retracted\ndue to an IDE-CDROM regression, where any IDE CDROM access would hang\nor crash the system. Only this problem was fixed additionally.\n\nThis kernel update fixes the following security problems :\n\n - On x86_64 a denial of service attack could be used by\n local attackers to immediately panic / crash the\n machine. (CVE-2008-1615)\n\n - Fixed a SMP ordering problem in fcntl_setlk could\n potentially allow local attackers to execute code by\n timing file locking. (CVE-2008-1669)\n\n - Fixed a resource starvation problem in the handling of\n ZERO mmap pages. (CVE-2008-2372)\n\n - The asn1 implementation in (a) the Linux kernel, as used\n in the cifs and ip_nat_snmp_basic modules does not\n properly validate length values during decoding of ASN.1\n BER data, which allows remote attackers to cause a\n denial of service (crash) or execute arbitrary code via\n (1) a length greater than the working buffer, which can\n lead to an unspecified overflow; (2) an oid length of\n zero, which can lead to an off-by-one error; or (3) an\n indefinite length for a primitive encoding.\n (CVE-2008-1673)\n\n - Various tty / serial devices did not check\n functionpointers for NULL before calling them, leading\n to potential crashes or code execution. The devices\n affected are usually only accessible by the root user\n though. (CVE-2008-2812)\n\n - A missing permission check in mount changing was added\n which could have been used by local attackers to change\n the mountdirectory. (CVE-2008-2931)\n\nAdditionally a very large number of bugs was fixed. Details can be\nfound in the RPM changelog of the included packages.\n\nOCFS2 has been upgraded to the 1.4.1 release :\n\n - Endian fixes\n\n - Use slab caches for DLM objects\n\n - Export DLM state info to debugfs\n\n - Avoid ENOSPC in rare conditions when free inodes are\n reserved by other nodes\n\n - Error handling fix in ocfs2_start_walk_page_trans()\n\n - Cleanup lockres printing\n\n - Allow merging of extents\n\n - Fix to allow changing permissions of symlinks\n\n - Merged local fixes upstream (no code change)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1615.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1669.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2372.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2812.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2931.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5473.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 94, 119, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.27\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:16", "description": "This is a respin of the previous kernel update, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally.\n\nThis kernel update fixes the following security problems :\n\n - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615)\n\n - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669)\n\n - Fixed a resource starvation problem in the handling of ZERO mmap pages. (CVE-2008-2372)\n\n - The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.\n (CVE-2008-1673)\n\n - Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though. (CVE-2008-2812)\n\n - A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory. (CVE-2008-2931)\n\nAdditionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages.\n\nOCFS2 has been upgraded to the 1.4.1 release :\n\n - Endian fixes\n\n - Use slab caches for DLM objects\n\n - Export DLM state info to debugfs\n\n - Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes\n\n - Error handling fix in ocfs2_start_walk_page_trans()\n\n - Cleanup lockres printing\n\n - Allow merging of extents\n\n - Fix to allow changing permissions of symlinks\n\n - Merged local fixes upstream (no code change)", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5477)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1615", "CVE-2008-1669", "CVE-2008-1673", "CVE-2008-2372", "CVE-2008-2812", "CVE-2008-2931"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5477.NASL", "href": "https://www.tenable.com/plugins/nessus/59129", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59129);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1615\", \"CVE-2008-1669\", \"CVE-2008-1673\", \"CVE-2008-2372\", \"CVE-2008-2812\", \"CVE-2008-2931\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5477)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a respin of the previous kernel update, which got retracted\ndue to an IDE-CDROM regression, where any IDE CDROM access would hang\nor crash the system. Only this problem was fixed additionally.\n\nThis kernel update fixes the following security problems :\n\n - On x86_64 a denial of service attack could be used by\n local attackers to immediately panic / crash the\n machine. (CVE-2008-1615)\n\n - Fixed a SMP ordering problem in fcntl_setlk could\n potentially allow local attackers to execute code by\n timing file locking. (CVE-2008-1669)\n\n - Fixed a resource starvation problem in the handling of\n ZERO mmap pages. (CVE-2008-2372)\n\n - The asn1 implementation in (a) the Linux kernel, as used\n in the cifs and ip_nat_snmp_basic modules does not\n properly validate length values during decoding of ASN.1\n BER data, which allows remote attackers to cause a\n denial of service (crash) or execute arbitrary code via\n (1) a length greater than the working buffer, which can\n lead to an unspecified overflow; (2) an oid length of\n zero, which can lead to an off-by-one error; or (3) an\n indefinite length for a primitive encoding.\n (CVE-2008-1673)\n\n - Various tty / serial devices did not check\n functionpointers for NULL before calling them, leading\n to potential crashes or code execution. The devices\n affected are usually only accessible by the root user\n though. (CVE-2008-2812)\n\n - A missing permission check in mount changing was added\n which could have been used by local attackers to change\n the mountdirectory. (CVE-2008-2931)\n\nAdditionally a very large number of bugs was fixed. Details can be\nfound in the RPM changelog of the included packages.\n\nOCFS2 has been upgraded to the 1.4.1 release :\n\n - Endian fixes\n\n - Use slab caches for DLM objects\n\n - Export DLM state info to debugfs\n\n - Avoid ENOSPC in rare conditions when free inodes are\n reserved by other nodes\n\n - Error handling fix in ocfs2_start_walk_page_trans()\n\n - Cleanup lockres printing\n\n - Allow merging of extents\n\n - Fix to allow changing permissions of symlinks\n\n - Merged local fixes upstream (no code change)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1615.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1669.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1673.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2372.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2812.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-2931.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5477.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 94, 119, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.27\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.27\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:15:20", "description": "A vulnerability was discovered and corrected in the Linux 2.6 kernel :\n\nThe asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:113)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1673"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-server-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-server-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-devel-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-devel-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-latest", "p-cpe:/a:mandriva:linux:kernel-server-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.24.5-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-server-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-server-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-server-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-laptop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-desktop-2mnb"], "id": "MANDRIVA_MDVSA-2008-113.NASL", "href": "https://www.tenable.com/plugins/nessus/36625", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:113. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36625);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1673\");\n script_xref(name:\"MDVSA\", value:\"2008:113\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and corrected in the Linux 2.6 kernel :\n\nThe asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6\nand 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic\nmodules; and (b) the gxsnmp package; does not properly validate length\nvalues during decoding of ASN.1 BER data, which allows remote\nattackers to cause a denial of service (crash) or execute arbitrary\ncode via (1) a length greater than the working buffer, which can lead\nto an unspecified overflow; (2) an oid length of zero, which can lead\nto an off-by-one error; or (3) an indefinite length for a primitive\nencoding.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslsl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslslusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusb2-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdslusba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcusb2-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fxusb_CZ-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gspca-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ipw3945-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iwlwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-devel-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.24.5-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:m560x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ndiswrapper-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:r5u870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:realcrypt-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unicorn-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:unionfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.5-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-2.6.24.5-desktop-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"actuator-kernel-2.6.24.5-desktop586-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-2.6.24.5-laptop-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-2.6.24.5-server-2mnb-1.0.5-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-desktop-latest-1.0.5-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"actuator-kernel-desktop586-latest-1.0.5-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-laptop-latest-1.0.5-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"actuator-kernel-server-latest-1.0.5-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-2.6.24.5-desktop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.24.5-desktop586-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-2.6.24.5-laptop-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-2.6.24.5-server-2mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20080612.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20080612.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-laptop-latest-0.5.1-1.20080612.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20080612.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-2.6.24.5-desktop-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"dkms-pcc-acpi-kernel-2.6.24.5-desktop586-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-2.6.24.5-laptop-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-2.6.24.5-server-2mnb-0.9-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-desktop-latest-0.9-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"dkms-pcc-acpi-kernel-desktop586-latest-0.9-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-laptop-latest-0.9-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"dkms-pcc-acpi-kernel-server-latest-0.9-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-2.6.24.5-desktop-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.24.5-desktop586-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-2.6.24.5-laptop-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-2.6.24.5-server-2mnb-2.3.0-1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20080612.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20080612.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-laptop-latest-2.3.0-1.20080612.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20080612.1.20080223.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-2.6.24.5-desktop-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"em8300-kernel-2.6.24.5-desktop586-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-2.6.24.5-laptop-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-2.6.24.5-server-2mnb-0.16.4-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-desktop-latest-0.16.4-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"em8300-kernel-desktop586-latest-0.16.4-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-laptop-latest-0.16.4-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"em8300-kernel-server-latest-0.16.4-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"et131x-kernel-2.6.24.5-desktop-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-2.6.24.5-desktop586-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"et131x-kernel-2.6.24.5-laptop-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"et131x-kernel-2.6.24.5-server-2mnb-1.2.3-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"et131x-kernel-laptop-latest-1.2.3-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"et131x-kernel-server-latest-1.2.3-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.5-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.5-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.5-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-2.6.24.5-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-desktop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-desktop586-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-laptop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl-kernel-server-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.5-desktop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.5-desktop586-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.5-laptop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-2.6.24.5-server-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-desktop-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-desktop586-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-laptop-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdsl2-kernel-server-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.5-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.5-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.5-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-2.6.24.5-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-desktop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-desktop586-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-laptop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslsl-kernel-server-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.5-desktop-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.5-desktop586-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.5-laptop-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-2.6.24.5-server-2mnb-3.11.05-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-desktop-latest-3.11.05-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-desktop586-latest-3.11.05-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-laptop-latest-3.11.05-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslslusb-kernel-server-latest-3.11.05-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.5-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.5-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.5-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-2.6.24.5-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-desktop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-desktop586-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-laptop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb-kernel-server-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.5-desktop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.5-desktop586-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.5-laptop-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-2.6.24.5-server-2mnb-3.11.07-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-desktop-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-desktop586-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-laptop-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusb2-kernel-server-latest-3.11.07-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.5-desktop-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.5-desktop586-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.5-laptop-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-2.6.24.5-server-2mnb-3.11.05-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-desktop-latest-3.11.05-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-desktop586-latest-3.11.05-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-laptop-latest-3.11.05-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcdslusba-kernel-server-latest-3.11.05-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.5-desktop-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.5-desktop586-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.5-laptop-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.24.5-server-2mnb-3.11.07-6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20080612.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20080612.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-laptop-latest-3.11.07-1.20080612.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20080612.6.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.5-desktop-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.5-desktop586-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.5-laptop-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-2.6.24.5-server-2mnb-3.11.04-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-desktop-latest-3.11.04-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-desktop586-latest-3.11.04-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-laptop-latest-3.11.04-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb-kernel-server-latest-3.11.04-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.5-desktop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.5-desktop586-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.5-laptop-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-2.6.24.5-server-2mnb-3.11.07-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-desktop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-desktop586-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-laptop-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fcusb2-kernel-server-latest-3.11.07-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-2.6.24.5-desktop-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.24.5-desktop586-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-2.6.24.5-laptop-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-2.6.24.5-server-2mnb-8.471-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-desktop-latest-8.471-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.471-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-laptop-latest-8.471-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"fglrx-kernel-server-latest-8.471-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.5-desktop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.5-desktop586-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.5-laptop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-2.6.24.5-server-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-desktop-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-desktop586-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-laptop-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb-kernel-server-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.5-desktop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.5-desktop586-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.5-laptop-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-2.6.24.5-server-2mnb-3.11.06-6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-desktop-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-desktop586-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-laptop-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"fxusb_CZ-kernel-server-latest-3.11.06-1.20080612.6mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"gspca-kernel-2.6.24.5-desktop-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"gspca-kernel-2.6.24.5-laptop-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"gspca-kernel-2.6.24.5-server-2mnb-1.00.20-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"gspca-kernel-desktop-latest-1.00.20-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"gspca-kernel-laptop-latest-1.00.20-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"gspca-kernel-server-latest-1.00.20-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-2.6.24.5-desktop-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.24.5-desktop586-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-2.6.24.5-laptop-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-2.6.24.5-server-2mnb-7.68.00.07-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.07-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.07-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-laptop-latest-7.68.00.07-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"hsfmodem-kernel-server-latest-7.68.00.07-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-2.6.24.5-desktop-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ipw3945-kernel-2.6.24.5-desktop586-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-2.6.24.5-laptop-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-2.6.24.5-server-2mnb-1.2.2-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-desktop-latest-1.2.2-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ipw3945-kernel-desktop586-latest-1.2.2-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-laptop-latest-1.2.2-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ipw3945-kernel-server-latest-1.2.2-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-2.6.24.5-desktop-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"iwlwifi-kernel-2.6.24.5-desktop586-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-2.6.24.5-laptop-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-2.6.24.5-server-2mnb-1.2.25-5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-desktop-latest-1.2.25-1.20080612.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"iwlwifi-kernel-desktop586-latest-1.2.25-1.20080612.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-laptop-latest-1.2.25-1.20080612.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"iwlwifi-kernel-server-latest-1.2.25-1.20080612.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-devel-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-devel-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-desktop-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-doc-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-devel-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-devel-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-laptop-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-devel-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-devel-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-server-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-source-2.6.24.5-2mnb-1-1mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kernel-source-latest-2.6.24.5-2mnb1\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-2.6.24.5-desktop-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.24.5-desktop586-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-2.6.24.5-laptop-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-2.6.24.5-server-2mnb-1.3.0pre11-15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-desktop-latest-1.3.0pre11-1.20080612.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.3.0pre11-1.20080612.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-laptop-latest-1.3.0pre11-1.20080612.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"kqemu-kernel-server-latest-1.3.0pre11-1.20080612.15\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-2.6.24.5-desktop-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libafs-kernel-2.6.24.5-desktop586-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-2.6.24.5-laptop-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-2.6.24.5-server-2mnb-1.4.6-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-desktop-latest-1.4.6-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libafs-kernel-desktop586-latest-1.4.6-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-laptop-latest-1.4.6-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"libafs-kernel-server-latest-1.4.6-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-2.6.24.5-desktop-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lirc-kernel-2.6.24.5-desktop586-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-2.6.24.5-laptop-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-2.6.24.5-server-2mnb-0.8.2-1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-desktop-latest-0.8.2-1.20080612.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.2-1.20080612.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-laptop-latest-0.8.2-1.20080612.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lirc-kernel-server-latest-0.8.2-1.20080612.1.20080310.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-2.6.24.5-desktop-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lzma-kernel-2.6.24.5-desktop586-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-2.6.24.5-laptop-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-2.6.24.5-server-2mnb-4.43-21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-desktop-latest-4.43-1.20080612.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20080612.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-laptop-latest-4.43-1.20080612.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"lzma-kernel-server-latest-4.43-1.20080612.21mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-2.6.24.5-desktop-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"m560x-kernel-2.6.24.5-desktop586-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-2.6.24.5-laptop-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-2.6.24.5-server-2mnb-0.4.0-0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-desktop-latest-0.4.0-1.20080612.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"m560x-kernel-desktop586-latest-0.4.0-1.20080612.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-laptop-latest-0.4.0-1.20080612.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"m560x-kernel-server-latest-0.4.0-1.20080612.0.20080229.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-2.6.24.5-desktop-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.24.5-desktop586-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-2.6.24.5-laptop-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-2.6.24.5-server-2mnb-0.9.3.3-5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-desktop-latest-0.9.3.3-1.20080612.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.3.3-1.20080612.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-laptop-latest-0.9.3.3-1.20080612.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"madwifi-kernel-server-latest-0.9.3.3-1.20080612.5.r3114mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-2.6.24.5-desktop-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ndiswrapper-kernel-2.6.24.5-desktop586-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-2.6.24.5-laptop-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-2.6.24.5-server-2mnb-1.52-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-desktop-latest-1.52-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ndiswrapper-kernel-desktop586-latest-1.52-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-laptop-latest-1.52-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ndiswrapper-kernel-server-latest-1.52-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-2.6.24.5-desktop-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.24.5-desktop586-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-2.6.24.5-laptop-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-2.6.24.5-server-2mnb-169.12-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-desktop-latest-169.12-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-169.12-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-laptop-latest-169.12-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia-current-kernel-server-latest-169.12-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-2.6.24.5-desktop-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.24.5-desktop586-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-2.6.24.5-laptop-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-2.6.24.5-server-2mnb-71.86.04-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.04-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.04-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-laptop-latest-71.86.04-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia71xx-kernel-server-latest-71.86.04-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-2.6.24.5-desktop-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.24.5-desktop586-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-2.6.24.5-laptop-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-2.6.24.5-server-2mnb-96.43.05-4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.05-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.05-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-laptop-latest-96.43.05-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"nvidia96xx-kernel-server-latest-96.43.05-1.20080612.4mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-2.6.24.5-desktop-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"omfs-kernel-2.6.24.5-desktop586-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-2.6.24.5-laptop-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-2.6.24.5-server-2mnb-0.7.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-desktop-latest-0.7.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.7.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-laptop-latest-0.7.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"omfs-kernel-server-latest-0.7.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-2.6.24.5-desktop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.24.5-desktop586-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-2.6.24.5-laptop-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-2.6.24.5-server-2mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-laptop-latest-0.4.2a-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-2.6.24.5-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.24.5-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-2.6.24.5-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-2.6.24.5-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-laptop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-2.6.24.5-desktop-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"qc-usb-messenger-kernel-2.6.24.5-desktop586-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-2.6.24.5-laptop-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-2.6.24.5-server-2mnb-1.7-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-desktop-latest-1.7-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"qc-usb-messenger-kernel-desktop586-latest-1.7-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-laptop-latest-1.7-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"qc-usb-messenger-kernel-server-latest-1.7-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-2.6.24.5-desktop-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"r5u870-kernel-2.6.24.5-desktop586-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-2.6.24.5-laptop-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-2.6.24.5-server-2mnb-0.11.0-3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-desktop-latest-0.11.0-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"r5u870-kernel-desktop586-latest-0.11.0-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-laptop-latest-0.11.0-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"r5u870-kernel-server-latest-0.11.0-1.20080612.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-2.6.24.5-desktop-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"realcrypt-kernel-2.6.24.5-desktop586-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-2.6.24.5-laptop-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-2.6.24.5-server-2mnb-4.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-desktop-latest-4.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"realcrypt-kernel-desktop586-latest-4.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-laptop-latest-4.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"realcrypt-kernel-server-latest-4.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.5-desktop-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.5-desktop586-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.5-laptop-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.24.5-server-2mnb-2.9.11-0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20080612.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20080612.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-laptop-latest-2.9.11-1.20080612.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20080612.0.20070813.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-2.6.24.5-desktop-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-kernel-2.6.24.5-desktop586-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-2.6.24.5-laptop-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-2.6.24.5-server-2mnb-3.3-2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-desktop-latest-3.3-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-kernel-desktop586-latest-3.3-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-laptop-latest-3.3-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-kernel-server-latest-3.3-1.20080612.2mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-2.6.24.5-desktop-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.24.5-desktop586-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-2.6.24.5-laptop-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-2.6.24.5-server-2mnb-3.3-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-laptop-latest-3.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-2.6.24.5-desktop-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.24.5-desktop586-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-2.6.24.5-laptop-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-2.6.24.5-server-2mnb-1.3.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-desktop-latest-1.3.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"syntek-kernel-desktop586-latest-1.3.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-laptop-latest-1.3.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"syntek-kernel-server-latest-1.3.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-2.6.24.5-desktop-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.24.5-desktop586-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-2.6.24.5-laptop-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-2.6.24.5-server-2mnb-0.36-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-desktop-latest-0.36-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.36-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-laptop-latest-0.36-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tp_smapi-kernel-server-latest-0.36-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.5-desktop-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.5-desktop586-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.5-laptop-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-2.6.24.5-server-2mnb-0.9.3-7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-desktop-latest-0.9.3-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-desktop586-latest-0.9.3-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-laptop-latest-0.9.3-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unicorn-kernel-server-latest-0.9.3-1.20080612.7mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-2.6.24.5-desktop-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unionfs-kernel-2.6.24.5-desktop586-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-2.6.24.5-laptop-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-2.6.24.5-server-2mnb-1.4.1mdv2008.1-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-desktop-latest-1.4.1mdv2008.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"unionfs-kernel-desktop586-latest-1.4.1mdv2008.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-laptop-latest-1.4.1mdv2008.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"unionfs-kernel-server-latest-1.4.1mdv2008.1-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.5-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.5-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.5-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.24.5-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-laptop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxadd-kernel-server-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.5-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.5-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.5-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.24.5-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-laptop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vboxvfs-kernel-server-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-2.6.24.5-desktop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.24.5-desktop586-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-2.6.24.5-laptop-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-2.6.24.5-server-2mnb-1.5.6-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-desktop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-laptop-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"virtualbox-kernel-server-latest-1.5.6-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-2.6.24.5-desktop-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.24.5-desktop586-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-2.6.24.5-laptop-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-2.6.24.5-server-2mnb-4.8.01.0640-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-laptop-latest-4.8.01.0640-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20080612.1mdv2008.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:34", "description": "Update to kernel 2.6.25.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. Bugs fixed: 447518 - Call to capget() overflows buffers 448056 - applesmc filling log file 450191 - DMA mode disabled for DVD drive, reverts to PIO4 439197 - thinkpad x61t crash when undocking 445761 - MacBook4,1 keyboard and trackpad do not work properly 447812 - Netlink messages from 'tc' to sch_netem module are not interpreted correctly 449817 - SD card reader causes kernel panic during startup if card inserted 242208 - Freeze On Boot w/ Audigy PCMCIA 443552 - Kernel 2.6.25 + Wine = hang Additional bugs fixed:\nF8#224005 - pata_pcmcia fails F8#450499 - kernel-2.6.25.4-10.fc8 breaks setkey -m tunnel options in ipsec F8#445553 - DMAR (intel_iommu) broken on yet another machine Additional updates/fixes:\n- Upstream wireless updates from 2008-05-22 (http://marc.info/?l=linux-wireless&m=121146112404515&w=2) - Upstream wireless fixes from 2008-05-28 (http://marc.info/?l=linux- wireless&m=121201250110162&w=2) - Fix oops in lirc_i2c module - Add lirc support for additional MCE receivers - Upstream wireless fixes from 2008-06-03 (http://marc.info/?l=linux-wireless&m=121252137324941&w=2) - Add kernel 3D support for ATI Radeon R500 (X1300-X1950)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-06-16T00:00:00", "type": "nessus", "title": "Fedora 9 : kernel-2.6.25.6-55.fc9 (2008-5308)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1673"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2008-5308.NASL", "href": "https://www.tenable.com/plugins/nessus/33182", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-5308.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33182);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1673\");\n script_bugtraq_id(29589);\n script_xref(name:\"FEDORA\", value:\"2008-5308\");\n\n script_name(english:\"Fedora 9 : kernel-2.6.25.6-55.fc9 (2008-5308)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.25.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6\nCVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4\nbefore 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and\nip_nat_snmp_basic modules; and (b) the gxsnmp package; does not\nproperly validate length values during decoding of ASN.1 BER data,\nwhich allows remote attackers to cause a denial of service (crash) or\nexecute arbitrary code via (1) a length greater than the working\nbuffer, which can lead to an unspecified overflow; (2) an oid length\nof zero, which can lead to an off-by-one error; or (3) an indefinite\nlength for a primitive encoding. Bugs fixed: 447518 - Call to capget()\noverflows buffers 448056 - applesmc filling log file 450191 - DMA mode\ndisabled for DVD drive, reverts to PIO4 439197 - thinkpad x61t crash\nwhen undocking 445761 - MacBook4,1 keyboard and trackpad do not work\nproperly 447812 - Netlink messages from 'tc' to sch_netem module are\nnot interpreted correctly 449817 - SD card reader causes kernel panic\nduring startup if card inserted 242208 - Freeze On Boot w/ Audigy\nPCMCIA 443552 - Kernel 2.6.25 + Wine = hang Additional bugs fixed:\nF8#224005 - pata_pcmcia fails F8#450499 - kernel-2.6.25.4-10.fc8\nbreaks setkey -m tunnel options in ipsec F8#445553 - DMAR\n(intel_iommu) broken on yet another machine Additional updates/fixes:\n- Upstream wireless updates from 2008-05-22\n(http://marc.info/?l=linux-wireless&m=121146112404515&w=2) - Upstream\nwireless fixes from 2008-05-28 (http://marc.info/?l=linux-\nwireless&m=121201250110162&w=2) - Fix oops in lirc_i2c module - Add\nlirc support for additional MCE receivers - Upstream wireless fixes\nfrom 2008-06-03\n(http://marc.info/?l=linux-wireless&m=121252137324941&w=2) - Add\nkernel 3D support for ATI Radeon R500 (X1300-X1950)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://marc.info/?l=linux-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=linux-\"\n );\n # http://marc.info/?l=linux-wireless&m=121146112404515&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=linux-wireless&m=121146112404515&w=2\"\n );\n # http://marc.info/?l=linux-wireless&m=121252137324941&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=linux-wireless&m=121252137324941&w=2\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?497677c6\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6881f29a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=242208\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=439197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=443552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=445761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=447518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=447812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=448056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=449817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=450191\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/011330.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16fa2d19\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"kernel-2.6.25.6-55.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:35", "description": "Update to kernel 2.6.25.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. Bugs fixed: 224005 - pata_pcmcia fails 326411 - Freeze On Boot w/ Audigy PCMCIA 450332 - F8 - System Lockup after kernel 2.6.25.4-10 450499 - kernel-2.6.25.4-10.fc8 breaks setkey -m tunnel options in ipsec 450501\n\n - User Mode Linux (UML) broken on Fedora 9 (and now F8, too) Additional bugs fixed: F9#447518 - Call to capget() overflows buffers F9#450191 - DMA mode disabled for DVD drive, reverts to PIO4 F9#439197 - thinkpad x61t crash when undocking F9#447812 - Netlink messages from 'tc' to sch_netem module are not interpreted correctly F9#449817\n - SD card reader causes kernel panic during startup if card inserted Additional updates/fixes: - Fix oops in lirc_i2c module - Add lirc support for additional MCE receivers - Upstream wireless updates from 2008-05-22 (http://marc.info/?l=linux- wireless&m=121146112404515&w=2) - Upstream wireless fixes from 2008-05-28 (http://marc.info/?l=linux-wireless&m=121201250110162&w= 2) - Upstream wireless fixes from 2008-06-03 (http://marc.info/?l=linux- wireless&m=121252137324941&w=2) - Upstream wireless fixes from 2008-06-09 (http://marc.info/?l=linux-kernel&m=121304710726632&w=2)\n - Upstream wireless updates from 2008-06-09 (http://marc.info/?l=linux- netdev&m=121304710526613&w=2)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2008-06-24T00:00:00", "type": "nessus", "title": "Fedora 8 : kernel-2.6.25.6-27.fc8 (2008-5454)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1673"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-5454.NASL", "href": "https://www.tenable.com/plugins/nessus/33234", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-5454.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33234);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-1673\");\n script_bugtraq_id(29589);\n script_xref(name:\"FEDORA\", value:\"2008-5454\");\n\n script_name(english:\"Fedora 8 : kernel-2.6.25.6-27.fc8 (2008-5454)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.25.6:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6\nCVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4\nbefore 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and\nip_nat_snmp_basic modules; and (b) the gxsnmp package; does not\nproperly validate length values during decoding of ASN.1 BER data,\nwhich allows remote attackers to cause a denial of service (crash) or\nexecute arbitrary code via (1) a length greater than the working\nbuffer, which can lead to an unspecified overflow; (2) an oid length\nof zero, which can lead to an off-by-one error; or (3) an indefinite\nlength for a primitive encoding. Bugs fixed: 224005 - pata_pcmcia\nfails 326411 - Freeze On Boot w/ Audigy PCMCIA 450332 - F8 - System\nLockup after kernel 2.6.25.4-10 450499 - kernel-2.6.25.4-10.fc8 breaks\nsetkey -m tunnel options in ipsec 450501\n\n - User Mode Linux (UML) broken on Fedora 9 (and now F8,\n too) Additional bugs fixed: F9#447518 - Call to capget()\n overflows buffers F9#450191 - DMA mode disabled for DVD\n drive, reverts to PIO4 F9#439197 - thinkpad x61t crash\n when undocking F9#447812 - Netlink messages from 'tc' to\n sch_netem module are not interpreted correctly F9#449817\n - SD card reader causes kernel panic during startup if\n card inserted Additional updates/fixes: - Fix oops in\n lirc_i2c module - Add lirc support for additional MCE\n receivers - Upstream wireless updates from 2008-05-22\n (http://marc.info/?l=linux-\n wireless&m=121146112404515&w=2) - Upstream wireless\n fixes from 2008-05-28\n (http://marc.info/?l=linux-wireless&m=121201250110162&w=\n 2) - Upstream wireless fixes from 2008-06-03\n (http://marc.info/?l=linux-\n wireless&m=121252137324941&w=2) - Upstream wireless\n fixes from 2008-06-09\n (http://marc.info/?l=linux-kernel&m=121304710726632&w=2)\n - Upstream wireless updates from 2008-06-09\n (http://marc.info/?l=linux-\n netdev&m=121304710526613&w=2)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://marc.info/?l=linux-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=linux-\"\n );\n # http://marc.info/?l=linux-kernel&m=121304710726632&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=linux-kernel&m=121304710726632&w=2\"\n );\n # http://marc.info/?l=linux-wireless&m=121201250110162&w=2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=linux-wireless&m=121201250110162&w=2\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?497677c6\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6881f29a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=443962\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-June/011486.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ecddb40\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"kernel-2.6.25.6-27.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:49", "description": "Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-1673 Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution. This issue is not believed to be exploitable with the pre-built kernel images provided by Debian, but it might be an issue for custom images built from the Debian-provided source package.\n\n - CVE-2008-2358 Brandon Edwards of McAfee Avert labs discovered an issue in the DCCP subsystem. Due to missing feature length checks it is possible to cause an overflow that may result in remote arbitrary code execution.", "cvss3": {}, "published": "2008-06-16T00:00:00", "type": "nessus", "title": "Debian DSA-1592-1 : linux-2.6 - heap overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1673", "CVE-2008-2358"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1592.NASL", "href": "https://www.tenable.com/plugins/nessus/33173", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1592. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33173);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1673\", \"CVE-2008-2358\");\n script_bugtraq_id(29589);\n script_xref(name:\"DSA\", value:\"1592\");\n\n script_name(english:\"Debian DSA-1592-1 : linux-2.6 - heap overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities have been discovered in the Linux kernel that may\nlead to a denial of service or arbitrary code execution. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-1673\n Wei Wang from McAfee reported a potential heap overflow\n in the ASN.1 decode code that is used by the SNMP NAT\n and CIFS subsystem. Exploitation of this issue may lead\n to arbitrary code execution. This issue is not believed\n to be exploitable with the pre-built kernel images\n provided by Debian, but it might be an issue for custom\n images built from the Debian-provided source package.\n\n - CVE-2008-2358\n Brandon Edwards of McAfee Avert labs discovered an issue\n in the DCCP subsystem. Due to missing feature length\n checks it is possible to cause an overflow that may\n result in remote arbitrary code execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1592\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the stable distribution (etch) these problems have been fixed in\nversion 2.6.18.dfsg.1-18etch6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-18etch6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:35", "description": "This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe regression introduced by previous bugfix updates that would corrupt NFSv4 mounted data.\n\nThe update also fixes several other bugs and following security issue :\n\n - drivers/net/r8169.c in the r8169 driver of Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the maximum transmission unit (MTU), which allows remote attackers to.\n (CVE-2009-4537)\n\n 1. cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or 2. cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register.\n\n - An information leak in 32bit emulation on x86_64 machines could disclose sensitive information to local attackers. (CVE-2008-0598)", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : the Linux kernel (x86_64) (ZYPP Patch Number 7063)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2009-4537"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-7063.NASL", "href": "https://www.tenable.com/plugins/nessus/59149", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59149);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2009-4537\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux kernel (x86_64) (ZYPP Patch Number 7063)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe\nregression introduced by previous bugfix updates that would corrupt\nNFSv4 mounted data.\n\nThe update also fixes several other bugs and following security \nissue :\n\n - drivers/net/r8169.c in the r8169 driver of Linux kernel\n 2.6.32.3 and earlier does not properly check the size of\n an Ethernet frame that exceeds the maximum transmission\n unit (MTU), which allows remote attackers to.\n (CVE-2009-4537)\n\n 1. cause a denial of service (temporary network outage)\n via a packet with a crafted size, in conjunction with\n certain packets containing A characters and certain\n packets containing E characters; or 2. cause a denial of\n service (system crash) via a packet with a crafted size,\n in conjunction with certain packets containing '0'\n characters, related to the value of the status register\n and erroneous behavior associated with the RxMaxSize\n register.\n\n - An information leak in 32bit emulation on x86_64\n machines could disclose sensitive information to local\n attackers. (CVE-2008-0598)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4537.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7063.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.66.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:53:25", "description": "This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe regression introduced by previous bugfix updates that would corrupt NFSv4 mounted data.\n\nThe update also fixes several other bugs and following security issue :\n\n - drivers/net/r8169.c in the r8169 driver of Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the maximum transmission unit (MTU), which allows remote attackers to.\n (CVE-2009-4537)\n\n 1. cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or 2. cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register.\n\n - An information leak in 32bit emulation on x86_64 machines could disclose sensitive information to local attackers. (CVE-2008-0598)", "cvss3": {}, "published": "2010-10-11T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (i386) (ZYPP Patch Number 7059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2009-4537"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-7059.NASL", "href": "https://www.tenable.com/plugins/nessus/49871", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49871);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2009-4537\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (i386) (ZYPP Patch Number 7059)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe\nregression introduced by previous bugfix updates that would corrupt\nNFSv4 mounted data.\n\nThe update also fixes several other bugs and following security \nissue :\n\n - drivers/net/r8169.c in the r8169 driver of Linux kernel\n 2.6.32.3 and earlier does not properly check the size of\n an Ethernet frame that exceeds the maximum transmission\n unit (MTU), which allows remote attackers to.\n (CVE-2009-4537)\n\n 1. cause a denial of service (temporary network outage)\n via a packet with a crafted size, in conjunction with\n certain packets containing A characters and certain\n packets containing E characters; or 2. cause a denial of\n service (system crash) via a packet with a crafted size,\n in conjunction with certain packets containing '0'\n characters, related to the value of the status register\n and erroneous behavior associated with the RxMaxSize\n register.\n\n - An information leak in 32bit emulation on x86_64\n machines could disclose sensitive information to local\n attackers. (CVE-2008-0598)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4537.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7059.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-kdumppae-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.66.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.66.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:20", "description": "Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux 4. This is the seventh regular update.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nKernel Feature Support: * iostat displays I/O performance for partitions * I/O task accounting added to getrusage(), allowing comprehensive core statistics * page cache pages count added to show_mem() output * tux O_ATOMICLOOKUP flag removed from the open() system call: replaced with O_CLOEXEC * the kernel now exports process limit information to /proc/[PID]/limits * implement udp_poll() to reduce likelihood of false positives returned from select() * the TCP_RTO_MIN parameter can now be configured to a maximum of 3000 milliseconds. This is configured using 'ip route' * update CIFS to version 1.50\n\nAdded Features: * nfs.enable_ino64 boot command line parameter: enable and disable 32-bit inode numbers when using NFS * tick 'divider' kernel boot parameter: reduce CPU overhead, and increase efficiency at the cost of lowering timing accuracy * /proc/sys/vm/nfs-writeback-lowmem-only tunable parameter: resolve NFS read performance * /proc/sys/vm/write-mapped tunable option, allowing the option of faster NFS reads * support for Large Receive Offload as a networking module * core dump masking, allowing a core dump process to skip the shared memory segments of a process\n\nVirtualization: * para-virtualized network and block device drivers, to increase fully-virtualized guest performance * support for more than three VNIF numbers per guest domain\n\nPlatform Support: * AMD ATI SB800 SATA controller, AMD ATI SB600 and SB700 40-pin IDE cable * 64-bit DMA support on AMD ATI SB700 * PCI device IDs to support Intel ICH10 * /dev/msr[0-n] device files * powernow-k8 as a module * SLB shadow buffer support for IBM POWER6 systems * support for CPU frequencies greater than 32-bit on IBM POWER5, IBM POWER6 * floating point load and store handler for IBM POWER6\n\nAdded Drivers and Updates: * ixgbe 1.1.18, for the Intel 82598 10GB ethernet controller * bnx2x 1.40.22, for network adapters on the Broadcom 5710 chipset * dm-hp-sw 1.0.0, for HP Active/Standby * zfcp version and bug fixes * qdio to fix FCP/SCSI write I/O expiring on LPARs * cio bug fixes * eHEA latest upstream, and netdump and netconsole support * ipr driver support for dual SAS RAID controllers\n* correct CPU cache info and SATA support for Intel Tolapai * i5000_edac support for Intel 5000 chipsets * i3000_edac support for Intel 3000 and 3010 chipsets * add i2c_piix4 module on 64-bit systems to support AMD ATI SB600, 700 and 800 * i2c-i801 support for Intel Tolapai * qla4xxx: 5.01.01-d2 to 5.01.02-d4-rhel4.7-00 * qla2xxx:\n8.01.07-d4 to 8.01.07-d4-rhel4.7-02 * cciss: 2.6.16 to 2.6.20 * mptfusion: 3.02.99.00rh to 3.12.19.00rh * lpfc:0: 8.0.16.34 to 8.0.16.40 * megaraid_sas: 00.00.03.13 to 00.00.03.18-rh1 * stex:\n3.0.0.1 to 3.6.0101.2 * arcmsr: 1.20.00.13 to 1.20.00.15.rh4u7 * aacraid: 1.1-5[2441] to 1.1.5[2455]\n\nMiscellaneous Updates: * OFED 1.3 support * wacom driver to add support for Cintiq 20WSX, Wacom Intuos3 12x19, 12x12 and 4x6 tablets * sata_svw driver to support Broadcom HT-1100 chipsets * libata to un-blacklist Hitachi drives to enable NCQ * ide driver allows command line option to disable ide drivers * psmouse support for cortps protocol\n\nThese updated packages fix the following security issues :\n\n* NULL pointer access due to missing checks for terminal validity.\n(CVE-2008-2812, Moderate)\n\n* a security flaw was found in the Linux kernel Universal Disk Format file system. (CVE-2006-4145, Low)\n\nFor further details, refer to the latest Red Hat Enterprise Linux 4.7 release notes: redhat.com/docs/manuals/enterprise", "cvss3": {}, "published": "2008-07-25T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2008:0665)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4145", "CVE-2008-2812"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2008-0665.NASL", "href": "https://www.tenable.com/plugins/nessus/33581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0665. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33581);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4145\", \"CVE-2008-2812\");\n script_bugtraq_id(19562, 30076);\n script_xref(name:\"RHSA\", value:\"2008:0665\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2008:0665)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages are now available as part of ongoing support\nand maintenance of Red Hat Enterprise Linux 4. This is the seventh\nregular update.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nKernel Feature Support: * iostat displays I/O performance for\npartitions * I/O task accounting added to getrusage(), allowing\ncomprehensive core statistics * page cache pages count added to\nshow_mem() output * tux O_ATOMICLOOKUP flag removed from the open()\nsystem call: replaced with O_CLOEXEC * the kernel now exports process\nlimit information to /proc/[PID]/limits * implement udp_poll() to\nreduce likelihood of false positives returned from select() * the\nTCP_RTO_MIN parameter can now be configured to a maximum of 3000\nmilliseconds. This is configured using 'ip route' * update CIFS to\nversion 1.50\n\nAdded Features: * nfs.enable_ino64 boot command line parameter: enable\nand disable 32-bit inode numbers when using NFS * tick 'divider'\nkernel boot parameter: reduce CPU overhead, and increase efficiency at\nthe cost of lowering timing accuracy *\n/proc/sys/vm/nfs-writeback-lowmem-only tunable parameter: resolve NFS\nread performance * /proc/sys/vm/write-mapped tunable option, allowing\nthe option of faster NFS reads * support for Large Receive Offload as\na networking module * core dump masking, allowing a core dump process\nto skip the shared memory segments of a process\n\nVirtualization: * para-virtualized network and block device drivers,\nto increase fully-virtualized guest performance * support for more\nthan three VNIF numbers per guest domain\n\nPlatform Support: * AMD ATI SB800 SATA controller, AMD ATI SB600 and\nSB700 40-pin IDE cable * 64-bit DMA support on AMD ATI SB700 * PCI\ndevice IDs to support Intel ICH10 * /dev/msr[0-n] device files *\npowernow-k8 as a module * SLB shadow buffer support for IBM POWER6\nsystems * support for CPU frequencies greater than 32-bit on IBM\nPOWER5, IBM POWER6 * floating point load and store handler for IBM\nPOWER6\n\nAdded Drivers and Updates: * ixgbe 1.1.18, for the Intel 82598 10GB\nethernet controller * bnx2x 1.40.22, for network adapters on the\nBroadcom 5710 chipset * dm-hp-sw 1.0.0, for HP Active/Standby * zfcp\nversion and bug fixes * qdio to fix FCP/SCSI write I/O expiring on\nLPARs * cio bug fixes * eHEA latest upstream, and netdump and\nnetconsole support * ipr driver support for dual SAS RAID controllers\n* correct CPU cache info and SATA support for Intel Tolapai *\ni5000_edac support for Intel 5000 chipsets * i3000_edac support for\nIntel 3000 and 3010 chipsets * add i2c_piix4 module on 64-bit systems\nto support AMD ATI SB600, 700 and 800 * i2c-i801 support for Intel\nTolapai * qla4xxx: 5.01.01-d2 to 5.01.02-d4-rhel4.7-00 * qla2xxx:\n8.01.07-d4 to 8.01.07-d4-rhel4.7-02 * cciss: 2.6.16 to 2.6.20 *\nmptfusion: 3.02.99.00rh to 3.12.19.00rh * lpfc:0: 8.0.16.34 to\n8.0.16.40 * megaraid_sas: 00.00.03.13 to 00.00.03.18-rh1 * stex:\n3.0.0.1 to 3.6.0101.2 * arcmsr: 1.20.00.13 to 1.20.00.15.rh4u7 *\naacraid: 1.1-5[2441] to 1.1.5[2455]\n\nMiscellaneous Updates: * OFED 1.3 support * wacom driver to add\nsupport for Cintiq 20WSX, Wacom Intuos3 12x19, 12x12 and 4x6 tablets *\nsata_svw driver to support Broadcom HT-1100 chipsets * libata to\nun-blacklist Hitachi drives to enable NCQ * ide driver allows command\nline option to disable ide drivers * psmouse support for cortps\nprotocol\n\nThese updated packages fix the following security issues :\n\n* NULL pointer access due to missing checks for terminal validity.\n(CVE-2008-2812, Moderate)\n\n* a security flaw was found in the Linux kernel Universal Disk Format\nfile system. (CVE-2006-4145, Low)\n\nFor further details, refer to the latest Red Hat Enterprise Linux 4.7\nrelease notes: redhat.com/docs/manuals/enterprise\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0665\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/08/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-4145\", \"CVE-2008-2812\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0665\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0665\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:25", "description": "The openSUSE 11.0 kernel was updated to 2.6.25.11.\n\nIt fixes following security problems: CVE-2008-2812: Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though.\n\nCVE-2008-2750: The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large value for a certain length variable.\n\nNo CVE yet: On x86_64 systems, a incorrect buffersize in LDT handling might lead to local untrusted attackers causing a crash of the machine or potentially execute code with kernel privileges.\n\nThe update also has lots of other bugfixes that are listed in the RPM changelog.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-111)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2750", "CVE-2008-2812"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-rt", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-080721.NASL", "href": "https://www.tenable.com/plugins/nessus/40008", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-111.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40008);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2750\", \"CVE-2008-2812\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-111)\");\n script_summary(english:\"Check for the kernel-111 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 11.0 kernel was updated to 2.6.25.11.\n\nIt fixes following security problems: CVE-2008-2812: Various tty /\nserial devices did not check functionpointers for NULL before calling\nthem, leading to potential crashes or code execution. The devices\naffected are usually only accessible by the root user though.\n\nCVE-2008-2750: The pppol2tp_recvmsg function in drivers/net/pppol2tp.c\nin the Linux kernel allows remote attackers to cause a denial of\nservice (kernel heap memory corruption and system crash) and possibly\nhave unspecified other impact via a crafted PPPOL2TP packet that\nresults in a large value for a certain length variable.\n\nNo CVE yet: On x86_64 systems, a incorrect buffersize in LDT handling\nmight lead to local untrusted attackers causing a crash of the machine\nor potentially execute code with kernel privileges.\n\nThe update also has lots of other bugfixes that are listed in the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=216857\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=400815\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=400874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=404892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408734\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-rt-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.11-0.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.11-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-default / kernel-pae / kernel-rt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:13", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or leak sensitive data. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-3272 Tobias Klein reported a locally exploitable data leak in the snd_seq_oss_synth_make_info() function. This may allow local users to gain access to sensitive information.\n\n - CVE-2008-3275 Zoltan Sogor discovered a coding error in the VFS that allows local users to exploit a kernel memory leak resulting in a denial of service.\n\n - CVE-2008-3276 Eugene Teo reported an integer overflow in the DCCP subsystem that may allow remote attackers to cause a denial of service in the form of a kernel panic.\n\n - CVE-2008-3526 Eugene Teo reported a missing bounds check in the SCTP subsystem. By exploiting an integer overflow in the SCTP_AUTH_KEY handling code, remote attackers may be able to cause a denial of service in the form of a kernel panic.\n\n - CVE-2008-3534 Kel Modderman reported an issue in the tmpfs filesystem that allows local users to crash a system by triggering a kernel BUG() assertion.\n\n - CVE-2008-3535 Alexey Dobriyan discovered an off-by-one-error in the iov_iter_advance function which can be exploited by local users to crash a system, resulting in a denial of service.\n\n - CVE-2008-3792 Vlad Yasevich reported several NULL pointer reference conditions in the SCTP subsystem that can be triggered by entering sctp-auth codepaths when the AUTH feature is inactive. This may allow attackers to cause a denial of service condition via a system panic.\n\n - CVE-2008-3915 Johann Dahm and David Richter reported an issue in the nfsd subsystem that may allow remote attackers to cause a denial of service via a buffer overflow.", "cvss3": {}, "published": "2008-09-12T00:00:00", "type": "nessus", "title": "Debian DSA-1636-1 : linux-2.6.24 - denial of service/information leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3272", "CVE-2008-3275", "CVE-2008-3276", "CVE-2008-3526", "CVE-2008-3534", "CVE-2008-3535", "CVE-2008-3792", "CVE-2008-3915"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1636.NASL", "href": "https://www.tenable.com/plugins/nessus/34171", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1636. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34171);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-3272\", \"CVE-2008-3275\", \"CVE-2008-3276\", \"CVE-2008-3526\", \"CVE-2008-3534\", \"CVE-2008-3535\", \"CVE-2008-3792\", \"CVE-2008-3915\");\n script_xref(name:\"DSA\", value:\"1636\");\n\n script_name(english:\"Debian DSA-1636-1 : linux-2.6.24 - denial of service/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or leak sensitive data. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-3272\n Tobias Klein reported a locally exploitable data leak in\n the snd_seq_oss_synth_make_info() function. This may\n allow local users to gain access to sensitive\n information.\n\n - CVE-2008-3275\n Zoltan Sogor discovered a coding error in the VFS that\n allows local users to exploit a kernel memory leak\n resulting in a denial of service.\n\n - CVE-2008-3276\n Eugene Teo reported an integer overflow in the DCCP\n subsystem that may allow remote attackers to cause a\n denial of service in the form of a kernel panic.\n\n - CVE-2008-3526\n Eugene Teo reported a missing bounds check in the SCTP\n subsystem. By exploiting an integer overflow in the\n SCTP_AUTH_KEY handling code, remote attackers may be\n able to cause a denial of service in the form of a\n kernel panic.\n\n - CVE-2008-3534\n Kel Modderman reported an issue in the tmpfs filesystem\n that allows local users to crash a system by triggering\n a kernel BUG() assertion.\n\n - CVE-2008-3535\n Alexey Dobriyan discovered an off-by-one-error in the\n iov_iter_advance function which can be exploited by\n local users to crash a system, resulting in a denial of\n service.\n\n - CVE-2008-3792\n Vlad Yasevich reported several NULL pointer reference\n conditions in the SCTP subsystem that can be triggered\n by entering sctp-auth codepaths when the AUTH feature is\n inactive. This may allow attackers to cause a denial of\n service condition via a system panic.\n\n - CVE-2008-3915\n Johann Dahm and David Richter reported an issue in the\n nfsd subsystem that may allow remote attackers to cause\n a denial of service via a buffer overflow.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1636\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:47", "description": "From Red Hat Security Advisory 2008:0519 :\n\nUpdated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* Due to a regression, 'gettimeofday' may have gone backwards on certain x86 hardware. This issue was quite dangerous for time-sensitive systems, such as those used for transaction systems and databases, and may have caused applications to produce incorrect results, or even crash.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2008-0519)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-2358", "CVE-2008-2729"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-0519.NASL", "href": "https://www.tenable.com/plugins/nessus/67706", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0519 and \n# Oracle Linux Security Advisory ELSA-2008-0519 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67706);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-2358\", \"CVE-2008-2729\");\n script_bugtraq_id(29603, 29942);\n script_xref(name:\"RHSA\", value:\"2008:0519\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-0519)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0519 :\n\nUpdated kernel packages that fix various security issues and a bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines,\nwhen running on certain AMD64 systems. If an unsuccessful attempt to\ncopy kernel memory from source to destination memory locations\noccurred, the copy routines did not zero the content at the\ndestination memory location. This could allow a local unprivileged\nuser to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local unprivileged user to\nprepare and run a specially crafted binary, which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* Brandon Edwards discovered a missing length validation check in the\nLinux kernel DCCP module reconciliation feature. This could allow a\nlocal unprivileged user to cause a heap overflow, gaining privileges\nfor arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* Due to a regression, 'gettimeofday' may have gone backwards on\ncertain x86 hardware. This issue was quite dangerous for\ntime-sensitive systems, such as those used for transaction systems and\ndatabases, and may have caused applications to produce incorrect\nresults, or even crash.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000658.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-0598\", \"CVE-2008-2358\", \"CVE-2008-2729\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0519\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-92.1.6.0.2.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-92.1.6.0.2.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:43:55", "description": "Updated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* Due to a regression, 'gettimeofday' may have gone backwards on certain x86 hardware. This issue was quite dangerous for time-sensitive systems, such as those used for transaction systems and databases, and may have caused applications to produce incorrect results, or even crash.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2008:0519)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-2358", "CVE-2008-2729"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0519.NASL", "href": "https://www.tenable.com/plugins/nessus/43692", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0519 and \n# CentOS Errata and Security Advisory 2008:0519 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43692);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-2358\", \"CVE-2008-2729\");\n script_bugtraq_id(29603, 29942);\n script_xref(name:\"RHSA\", value:\"2008:0519\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:0519)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and a bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines,\nwhen running on certain AMD64 systems. If an unsuccessful attempt to\ncopy kernel memory from source to destination memory locations\noccurred, the copy routines did not zero the content at the\ndestination memory location. This could allow a local unprivileged\nuser to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local unprivileged user to\nprepare and run a specially crafted binary, which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* Brandon Edwards discovered a missing length validation check in the\nLinux kernel DCCP module reconciliation feature. This could allow a\nlocal unprivileged user to cause a heap overflow, gaining privileges\nfor arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* Due to a regression, 'gettimeofday' may have gone backwards on\ncertain x86 hardware. This issue was quite dangerous for\ntime-sensitive systems, such as those used for transaction systems and\ndatabases, and may have caused applications to produce incorrect\nresults, or even crash.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015036.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?81e6500d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015037.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?140a32f4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-92.1.6.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:09", "description": "These updated packages fix the following security issues :\n\n - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n - a flaw was found in the Linux kernel setrlimit system call, when setting RLIMIT_CPU to a certain value. This could allow a local unprivileged user to bypass the CPU time limit. (CVE-2008-1294, Moderate)\n\n - multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\nThese updated packages fix the following bugs :\n\n - the GNU libc stub resolver is a minimal resolver that works with Domain Name System (DNS) servers to satisfy requests from applications for names. The GNU libc stub resolver did not specify a source UDP port, and therefore used predictable port numbers. This could have made DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports where none are specified by an application. This allows applications, such as those using the GNU libc stub resolver, to use random UDP source ports, helping to make DNS spoofing attacks harder.\n\n - when using certain hardware, a bug in UART_BUG_TXEN may have caused incorrect hardware detection, causing data flow to '/dev/ttyS1' to hang.\n\n - a 50-75% drop in NFS server rewrite performance, compared to Red Hat Enterprise Linux 4.6, has been resolved.\n\n - due a bug in the fast userspace mutex code, while one thread fetched a pointer, another thread may have removed it, causing the first thread to fetch the wrong pointer, possibly causing a system crash.\n\n - on certain Hitachi hardware, removing the 'uhci_hcd' module caused a kernel oops, and the following error :\n\nBUG: warning at arch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to USB devices. As well, on systems that have legacy interrupts, 'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()', causing warning messages to be logged.\n\n - when a page was mapped with mmap(), and 'PROT_WRITE' was the only 'prot' argument, the first read of that page caused a segmentation fault. If the page was read after it was written to, no fault occurred. This was incompatible with the Red Hat Enterprise Linux 4 behavior.\n\n - due to a NULL pointer dereference in powernowk8_init(), a panic may have occurred.\n\n - certain error conditions handled by the bonding sysfs interface could have left rtnl_lock() unbalanced, either by locking and returning without unlocking, or by unlocking when it did not lock, possibly causing a 'kernel: RTNL: assertion failed at net/core/fib_rules.c' error.\n\n - the kernel currently expects a maximum of six Machine Check Exception (MCE) banks to be exposed by a CPU.\n Certain CPUs have 7 or more, which may have caused the MCE to be incorrectly reported.\n\n - a race condition in UNIX domain sockets may have caused recv() to return zero. For clusters, this may have caused unexpected failovers.\n\n - msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)' error number.\n\n - on certain Intel Itanium-based systems, when kdump was configured to halt the system after a dump operation, after the 'System halted.' output, the kernel continued to output endless 'soft lockup' messages.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1294", "CVE-2008-2136", "CVE-2008-2812"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080804_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60459);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1294\", \"CVE-2008-2136\", \"CVE-2008-2812\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These updated packages fix the following security issues :\n\n - a possible kernel memory leak was found in the Linux\n kernel Simple Internet Transition (SIT) INET6\n implementation. This could allow a local unprivileged\n user to cause a denial of service. (CVE-2008-2136,\n Important)\n\n - a flaw was found in the Linux kernel setrlimit system\n call, when setting RLIMIT_CPU to a certain value. This\n could allow a local unprivileged user to bypass the CPU\n time limit. (CVE-2008-1294, Moderate)\n\n - multiple NULL pointer dereferences were found in various\n Linux kernel network drivers. These drivers were missing\n checks for terminal validity, which could allow\n privilege escalation. (CVE-2008-2812, Moderate)\n\nThese updated packages fix the following bugs :\n\n - the GNU libc stub resolver is a minimal resolver that\n works with Domain Name System (DNS) servers to satisfy\n requests from applications for names. The GNU libc stub\n resolver did not specify a source UDP port, and\n therefore used predictable port numbers. This could have\n made DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports\nwhere none are specified by an application. This allows applications,\nsuch as those using the GNU libc stub resolver, to use random UDP\nsource ports, helping to make DNS spoofing attacks harder.\n\n - when using certain hardware, a bug in UART_BUG_TXEN may\n have caused incorrect hardware detection, causing data\n flow to '/dev/ttyS1' to hang.\n\n - a 50-75% drop in NFS server rewrite performance,\n compared to Red Hat Enterprise Linux 4.6, has been\n resolved.\n\n - due a bug in the fast userspace mutex code, while one\n thread fetched a pointer, another thread may have\n removed it, causing the first thread to fetch the wrong\n pointer, possibly causing a system crash.\n\n - on certain Hitachi hardware, removing the 'uhci_hcd'\n module caused a kernel oops, and the following error :\n\nBUG: warning at\narch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to\nUSB devices. As well, on systems that have legacy interrupts,\n'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()',\ncausing warning messages to be logged.\n\n - when a page was mapped with mmap(), and 'PROT_WRITE' was\n the only 'prot' argument, the first read of that page\n caused a segmentation fault. If the page was read after\n it was written to, no fault occurred. This was\n incompatible with the Red Hat Enterprise Linux 4\n behavior.\n\n - due to a NULL pointer dereference in powernowk8_init(),\n a panic may have occurred.\n\n - certain error conditions handled by the bonding sysfs\n interface could have left rtnl_lock() unbalanced, either\n by locking and returning without unlocking, or by\n unlocking when it did not lock, possibly causing a\n 'kernel: RTNL: assertion failed at net/core/fib_rules.c'\n error.\n\n - the kernel currently expects a maximum of six Machine\n Check Exception (MCE) banks to be exposed by a CPU.\n Certain CPUs have 7 or more, which may have caused the\n MCE to be incorrectly reported.\n\n - a race condition in UNIX domain sockets may have caused\n recv() to return zero. For clusters, this may have\n caused unexpected failovers.\n\n - msgrcv() frequently returned an incorrect\n 'ERESTARTNOHAND (514)' error number.\n\n - on certain Intel Itanium-based systems, when kdump was\n configured to halt the system after a dump operation,\n after the 'System halted.' output, the kernel continued\n to output endless 'soft lockup' messages.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0808&L=scientific-linux-errata&T=0&P=819\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?49f0c6c1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-92.1.10.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:25:15", "description": "From Red Hat Security Advisory 2008:0612 :\n\nUpdated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* a flaw was found in the Linux kernel setrlimit system call, when setting RLIMIT_CPU to a certain value. This could allow a local unprivileged user to bypass the CPU time limit. (CVE-2008-1294, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\nThese updated packages fix the following bugs :\n\n* the GNU libc stub resolver is a minimal resolver that works with Domain Name System (DNS) servers to satisfy requests from applications for names. The GNU libc stub resolver did not specify a source UDP port, and therefore used predictable port numbers. This could have made DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports where none are specified by an application. This allows applications, such as those using the GNU libc stub resolver, to use random UDP source ports, helping to make DNS spoofing attacks harder.\n\n* when using certain hardware, a bug in UART_BUG_TXEN may have caused incorrect hardware detection, causing data flow to '/dev/ttyS1' to hang.\n\n* a 50-75% drop in NFS server rewrite performance, compared to Red Hat Enterprise Linux 4.6, has been resolved.\n\n* due a bug in the fast userspace mutex code, while one thread fetched a pointer, another thread may have removed it, causing the first thread to fetch the wrong pointer, possibly causing a system crash.\n\n* on certain Hitachi hardware, removing the 'uhci_hcd' module caused a kernel oops, and the following error :\n\nBUG: warning at arch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to USB devices. As well, on systems that have legacy interrupts, 'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()', causing warning messages to be logged.\n\n* when a page was mapped with mmap(), and 'PROT_WRITE' was the only 'prot' argument, the first read of that page caused a segmentation fault. If the page was read after it was written to, no fault occurred. This was incompatible with the Red Hat Enterprise Linux 4 behavior.\n\n* due to a NULL pointer dereference in powernowk8_init(), a panic may have occurred.\n\n* certain error conditions handled by the bonding sysfs interface could have left rtnl_lock() unbalanced, either by locking and returning without unlocking, or by unlocking when it did not lock, possibly causing a 'kernel: RTNL: assertion failed at net/core/fib_rules.c' error.\n\n* the kernel currently expects a maximum of six Machine Check Exception (MCE) banks to be exposed by a CPU. Certain CPUs have 7 or more, which may have caused the MCE to be incorrectly reported.\n\n* a race condition in UNIX domain sockets may have caused recv() to return zero. For clusters, this may have caused unexpected failovers.\n\n* msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)' error number.\n\n* on certain Intel Itanium-based systems, when kdump was configured to halt the system after a dump operation, after the 'System halted.' output, the kernel continued to output endless 'soft lockup' messages.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2008-0612)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1294", "CVE-2008-2136", "CVE-2008-2812"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2008-0612.NASL", "href": "https://www.tenable.com/plugins/nessus/67730", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0612 and \n# Oracle Linux Security Advisory ELSA-2008-0612 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67730);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-1294\", \"CVE-2008-2136\", \"CVE-2008-2812\");\n script_bugtraq_id(29235, 30076);\n script_xref(name:\"RHSA\", value:\"2008:0612\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2008-0612)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0612 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* a flaw was found in the Linux kernel setrlimit system call, when\nsetting RLIMIT_CPU to a certain value. This could allow a local\nunprivileged user to bypass the CPU time limit. (CVE-2008-1294,\nModerate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\nThese updated packages fix the following bugs :\n\n* the GNU libc stub resolver is a minimal resolver that works with\nDomain Name System (DNS) servers to satisfy requests from applications\nfor names. The GNU libc stub resolver did not specify a source UDP\nport, and therefore used predictable port numbers. This could have\nmade DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports\nwhere none are specified by an application. This allows applications,\nsuch as those using the GNU libc stub resolver, to use random UDP\nsource ports, helping to make DNS spoofing attacks harder.\n\n* when using certain hardware, a bug in UART_BUG_TXEN may have caused\nincorrect hardware detection, causing data flow to '/dev/ttyS1' to\nhang.\n\n* a 50-75% drop in NFS server rewrite performance, compared to Red Hat\nEnterprise Linux 4.6, has been resolved.\n\n* due a bug in the fast userspace mutex code, while one thread fetched\na pointer, another thread may have removed it, causing the first\nthread to fetch the wrong pointer, possibly causing a system crash.\n\n* on certain Hitachi hardware, removing the 'uhci_hcd' module caused a\nkernel oops, and the following error :\n\nBUG: warning at\narch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to\nUSB devices. As well, on systems that have legacy interrupts,\n'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()',\ncausing warning messages to be logged.\n\n* when a page was mapped with mmap(), and 'PROT_WRITE' was the only\n'prot' argument, the first read of that page caused a segmentation\nfault. If the page was read after it was written to, no fault\noccurred. This was incompatible with the Red Hat Enterprise Linux 4\nbehavior.\n\n* due to a NULL pointer dereference in powernowk8_init(), a panic may\nhave occurred.\n\n* certain error conditions handled by the bonding sysfs interface\ncould have left rtnl_lock() unbalanced, either by locking and\nreturning without unlocking, or by unlocking when it did not lock,\npossibly causing a 'kernel: RTNL: assertion failed at\nnet/core/fib_rules.c' error.\n\n* the kernel currently expects a maximum of six Machine Check\nException (MCE) banks to be exposed by a CPU. Certain CPUs have 7 or\nmore, which may have caused the MCE to be incorrectly reported.\n\n* a race condition in UNIX domain sockets may have caused recv() to\nreturn zero. For clusters, this may have caused unexpected failovers.\n\n* msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)'\nerror number.\n\n* on certain Intel Itanium-based systems, when kdump was configured to\nhalt the system after a dump operation, after the 'System halted.'\noutput, the kernel continued to output endless 'soft lockup' messages.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-August/000702.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-1294\", \"CVE-2008-2136\", \"CVE-2008-2812\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0612\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-92.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-92.1.10.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:45:15", "description": "Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* a flaw was found in the Linux kernel setrlimit system call, when setting RLIMIT_CPU to a certain value. This could allow a local unprivileged user to bypass the CPU time limit. (CVE-2008-1294, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\nThese updated packages fix the following bugs :\n\n* the GNU libc stub resolver is a minimal resolver that works with Domain Name System (DNS) servers to satisfy requests from applications for names. The GNU libc stub resolver did not specify a source UDP port, and therefore used predictable port numbers. This could have made DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports where none are specified by an application. This allows applications, such as those using the GNU libc stub resolver, to use random UDP source ports, helping to make DNS spoofing attacks harder.\n\n* when using certain hardware, a bug in UART_BUG_TXEN may have caused incorrect hardware detection, causing data flow to '/dev/ttyS1' to hang.\n\n* a 50-75% drop in NFS server rewrite performance, compared to Red Hat Enterprise Linux 4.6, has been resolved.\n\n* due a bug in the fast userspace mutex code, while one thread fetched a pointer, another thread may have removed it, causing the first thread to fetch the wrong pointer, possibly causing a system crash.\n\n* on certain Hitachi hardware, removing the 'uhci_hcd' module caused a kernel oops, and the following error :\n\nBUG: warning at arch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to USB devices. As well, on systems that have legacy interrupts, 'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()', causing warning messages to be logged.\n\n* when a page was mapped with mmap(), and 'PROT_WRITE' was the only 'prot' argument, the first read of that page caused a segmentation fault. If the page was read after it was written to, no fault occurred. This was incompatible with the Red Hat Enterprise Linux 4 behavior.\n\n* due to a NULL pointer dereference in powernowk8_init(), a panic may have occurred.\n\n* certain error conditions handled by the bonding sysfs interface could have left rtnl_lock() unbalanced, either by locking and returning without unlocking, or by unlocking when it did not lock, possibly causing a 'kernel: RTNL: assertion failed at net/core/fib_rules.c' error.\n\n* the kernel currently expects a maximum of six Machine Check Exception (MCE) banks to be exposed by a CPU. Certain CPUs have 7 or more, which may have caused the MCE to be incorrectly reported.\n\n* a race condition in UNIX domain sockets may have caused recv() to return zero. For clusters, this may have caused unexpected failovers.\n\n* msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)' error number.\n\n* on certain Intel Itanium-based systems, when kdump was configured to halt the system after a dump operation, after the 'System halted.' output, the kernel continued to output endless 'soft lockup' messages.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2008:0612)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1294", "CVE-2008-2136", "CVE-2008-2812"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2008-0612.NASL", "href": "https://www.tenable.com/plugins/nessus/43701", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0612 and \n# CentOS Errata and Security Advisory 2008:0612 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43701);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1294\", \"CVE-2008-2136\", \"CVE-2008-2812\");\n script_bugtraq_id(29235, 30076);\n script_xref(name:\"RHSA\", value:\"2008:0612\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2008:0612)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* a flaw was found in the Linux kernel setrlimit system call, when\nsetting RLIMIT_CPU to a certain value. This could allow a local\nunprivileged user to bypass the CPU time limit. (CVE-2008-1294,\nModerate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\nThese updated packages fix the following bugs :\n\n* the GNU libc stub resolver is a minimal resolver that works with\nDomain Name System (DNS) servers to satisfy requests from applications\nfor names. The GNU libc stub resolver did not specify a source UDP\nport, and therefore used predictable port numbers. This could have\nmade DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports\nwhere none are specified by an application. This allows applications,\nsuch as those using the GNU libc stub resolver, to use random UDP\nsource ports, helping to make DNS spoofing attacks harder.\n\n* when using certain hardware, a bug in UART_BUG_TXEN may have caused\nincorrect hardware detection, causing data flow to '/dev/ttyS1' to\nhang.\n\n* a 50-75% drop in NFS server rewrite performance, compared to Red Hat\nEnterprise Linux 4.6, has been resolved.\n\n* due a bug in the fast userspace mutex code, while one thread fetched\na pointer, another thread may have removed it, causing the first\nthread to fetch the wrong pointer, possibly causing a system crash.\n\n* on certain Hitachi hardware, removing the 'uhci_hcd' module caused a\nkernel oops, and the following error :\n\nBUG: warning at\narch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to\nUSB devices. As well, on systems that have legacy interrupts,\n'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()',\ncausing warning messages to be logged.\n\n* when a page was mapped with mmap(), and 'PROT_WRITE' was the only\n'prot' argument, the first read of that page caused a segmentation\nfault. If the page was read after it was written to, no fault\noccurred. This was incompatible with the Red Hat Enterprise Linux 4\nbehavior.\n\n* due to a NULL pointer dereference in powernowk8_init(), a panic may\nhave occurred.\n\n* certain error conditions handled by the bonding sysfs interface\ncould have left rtnl_lock() unbalanced, either by locking and\nreturning without unlocking, or by unlocking when it did not lock,\npossibly causing a 'kernel: RTNL: assertion failed at\nnet/core/fib_rules.c' error.\n\n* the kernel currently expects a maximum of six Machine Check\nException (MCE) banks to be exposed by a CPU. Certain CPUs have 7 or\nmore, which may have caused the MCE to be incorrectly reported.\n\n* a race condition in UNIX domain sockets may have caused recv() to\nreturn zero. For clusters, this may have caused unexpected failovers.\n\n* msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)'\nerror number.\n\n* on certain Intel Itanium-based systems, when kdump was configured to\nhalt the system after a dump operation, after the 'System halted.'\noutput, the kernel continued to output endless 'soft lockup' messages.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-August/015181.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1743cd03\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-August/015182.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3470ba2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-92.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-92.1.10.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:40", "description": "Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* a flaw was found in the Linux kernel setrlimit system call, when setting RLIMIT_CPU to a certain value. This could allow a local unprivileged user to bypass the CPU time limit. (CVE-2008-1294, Moderate)\n\n* multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate)\n\nThese updated packages fix the following bugs :\n\n* the GNU libc stub resolver is a minimal resolver that works with Domain Name System (DNS) servers to satisfy requests from applications for names. The GNU libc stub resolver did not specify a source UDP port, and therefore used predictable port numbers. This could have made DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports where none are specified by an application. This allows applications, such as those using the GNU libc stub resolver, to use random UDP source ports, helping to make DNS spoofing attacks harder.\n\n* when using certain hardware, a bug in UART_BUG_TXEN may have caused incorrect hardware detection, causing data flow to '/dev/ttyS1' to hang.\n\n* a 50-75% drop in NFS server rewrite performance, compared to Red Hat Enterprise Linux 4.6, has been resolved.\n\n* due a bug in the fast userspace mutex code, while one thread fetched a pointer, another thread may have removed it, causing the first thread to fetch the wrong pointer, possibly causing a system crash.\n\n* on certain Hitachi hardware, removing the 'uhci_hcd' module caused a kernel oops, and the following error :\n\nBUG: warning at arch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to USB devices. As well, on systems that have legacy interrupts, 'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()', causing warning messages to be logged.\n\n* when a page was mapped with mmap(), and 'PROT_WRITE' was the only 'prot' argument, the first read of that page caused a segmentation fault. If the page was read after it was written to, no fault occurred. This was incompatible with the Red Hat Enterprise Linux 4 behavior.\n\n* due to a NULL pointer dereference in powernowk8_init(), a panic may have occurred.\n\n* certain error conditions handled by the bonding sysfs interface could have left rtnl_lock() unbalanced, either by locking and returning without unlocking, or by unlocking when it did not lock, possibly causing a 'kernel: RTNL: assertion failed at net/core/fib_rules.c' error.\n\n* the kernel currently expects a maximum of six Machine Check Exception (MCE) banks to be exposed by a CPU. Certain CPUs have 7 or more, which may have caused the MCE to be incorrectly reported.\n\n* a race condition in UNIX domain sockets may have caused recv() to return zero. For clusters, this may have caused unexpected failovers.\n\n* msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)' error number.\n\n* on certain Intel Itanium-based systems, when kdump was configured to halt the system after a dump operation, after the 'System halted.' output, the kernel continued to output endless 'soft lockup' messages.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-08-05T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2008:0612)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1294", "CVE-2008-2136", "CVE-2008-2812"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0612.NASL", "href": "https://www.tenable.com/plugins/nessus/33830", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0612. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33830);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1294\", \"CVE-2008-2136\", \"CVE-2008-2812\");\n script_bugtraq_id(29235, 30076);\n script_xref(name:\"RHSA\", value:\"2008:0612\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:0612)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* a flaw was found in the Linux kernel setrlimit system call, when\nsetting RLIMIT_CPU to a certain value. This could allow a local\nunprivileged user to bypass the CPU time limit. (CVE-2008-1294,\nModerate)\n\n* multiple NULL pointer dereferences were found in various Linux\nkernel network drivers. These drivers were missing checks for terminal\nvalidity, which could allow privilege escalation. (CVE-2008-2812,\nModerate)\n\nThese updated packages fix the following bugs :\n\n* the GNU libc stub resolver is a minimal resolver that works with\nDomain Name System (DNS) servers to satisfy requests from applications\nfor names. The GNU libc stub resolver did not specify a source UDP\nport, and therefore used predictable port numbers. This could have\nmade DNS spoofing attacks easier.\n\nThe Linux kernel has been updated to implement random UDP source ports\nwhere none are specified by an application. This allows applications,\nsuch as those using the GNU libc stub resolver, to use random UDP\nsource ports, helping to make DNS spoofing attacks harder.\n\n* when using certain hardware, a bug in UART_BUG_TXEN may have caused\nincorrect hardware detection, causing data flow to '/dev/ttyS1' to\nhang.\n\n* a 50-75% drop in NFS server rewrite performance, compared to Red Hat\nEnterprise Linux 4.6, has been resolved.\n\n* due a bug in the fast userspace mutex code, while one thread fetched\na pointer, another thread may have removed it, causing the first\nthread to fetch the wrong pointer, possibly causing a system crash.\n\n* on certain Hitachi hardware, removing the 'uhci_hcd' module caused a\nkernel oops, and the following error :\n\nBUG: warning at\narch/ia64/kernel/iosapic.c:1001/iosapic_unregister_intr()\n\nEven after the 'uhci_hcd' module was reloaded, there was no access to\nUSB devices. As well, on systems that have legacy interrupts,\n'acpi_unregister_gsi' incorrectly called 'iosapci_unregister_intr()',\ncausing warning messages to be logged.\n\n* when a page was mapped with mmap(), and 'PROT_WRITE' was the only\n'prot' argument, the first read of that page caused a segmentation\nfault. If the page was read after it was written to, no fault\noccurred. This was incompatible with the Red Hat Enterprise Linux 4\nbehavior.\n\n* due to a NULL pointer dereference in powernowk8_init(), a panic may\nhave occurred.\n\n* certain error conditions handled by the bonding sysfs interface\ncould have left rtnl_lock() unbalanced, either by locking and\nreturning without unlocking, or by unlocking when it did not lock,\npossibly causing a 'kernel: RTNL: assertion failed at\nnet/core/fib_rules.c' error.\n\n* the kernel currently expects a maximum of six Machine Check\nException (MCE) banks to be exposed by a CPU. Certain CPUs have 7 or\nmore, which may have caused the MCE to be incorrectly reported.\n\n* a race condition in UNIX domain sockets may have caused recv() to\nreturn zero. For clusters, this may have caused unexpected failovers.\n\n* msgrcv() frequently returned an incorrect 'ERESTARTNOHAND (514)'\nerror number.\n\n* on certain Intel Itanium-based systems, when kdump was configured to\nhalt the system after a dump operation, after the 'System halted.'\noutput, the kernel continued to output endless 'soft lockup' messages.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0612\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-1294\", \"CVE-2008-2136\", \"CVE-2008-2812\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0612\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0612\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.10.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:40", "description": "These updated packages fix the following security issues :\n\n - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data.\n (CVE-2008-2729, Important)\n\n - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n - Due to a regression, 'gettimeofday' may have gone backwards on certain x86 hardware. This issue was quite dangerous for time-sensitive systems, such as those used for transaction systems and databases, and may have caused applications to produce incorrect results, or even crash.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-2358", "CVE-2008-2729"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080625_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60430", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60430);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-2358\", \"CVE-2008-2729\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These updated packages fix the following security issues :\n\n - A security flaw was found in the Linux kernel memory\n copy routines, when running on certain AMD64 systems. If\n an unsuccessful attempt to copy kernel memory from\n source to destination memory locations occurred, the\n copy routines did not zero the content at the\n destination memory location. This could allow a local\n unprivileged user to view potentially sensitive data.\n (CVE-2008-2729, Important)\n\n - Tavis Ormandy discovered a deficiency in the Linux\n kernel 32-bit and 64-bit emulation. This could allow a\n local unprivileged user to prepare and run a specially\n crafted binary, which would use this deficiency to leak\n uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - Brandon Edwards discovered a missing length validation\n check in the Linux kernel DCCP module reconciliation\n feature. This could allow a local unprivileged user to\n cause a heap overflow, gaining privileges for arbitrary\n code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n - Due to a regression, 'gettimeofday' may have gone\n backwards on certain x86 hardware. This issue was quite\n dangerous for time-sensitive systems, such as those used\n for transaction systems and databases, and may have\n caused applications to produce incorrect results, or\n even crash.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0806&L=scientific-linux-errata&T=0&P=2390\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fcc86492\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-92.1.6.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-92.1.6.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:17", "description": "Updated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* Due to a regression, 'gettimeofday' may have gone backwards on certain x86 hardware. This issue was quite dangerous for time-sensitive systems, such as those used for transaction systems and databases, and may have caused applications to produce incorrect results, or even crash.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-07-02T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2008:0519)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-2358", "CVE-2008-2729"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.2"], "id": "REDHAT-RHSA-2008-0519.NASL", "href": "https://www.tenable.com/plugins/nessus/33377", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0519. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33377);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-2358\", \"CVE-2008-2729\");\n script_bugtraq_id(29603, 29942);\n script_xref(name:\"RHSA\", value:\"2008:0519\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2008:0519)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues and a bug are\nnow available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines,\nwhen running on certain AMD64 systems. If an unsuccessful attempt to\ncopy kernel memory from source to destination memory locations\noccurred, the copy routines did not zero the content at the\ndestination memory location. This could allow a local unprivileged\nuser to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local unprivileged user to\nprepare and run a specially crafted binary, which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* Brandon Edwards discovered a missing length validation check in the\nLinux kernel DCCP module reconciliation feature. This could allow a\nlocal unprivileged user to cause a heap overflow, gaining privileges\nfor arbitrary code execution. (CVE-2008-2358, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* Due to a regression, 'gettimeofday' may have gone backwards on\ncertain x86 hardware. This issue was quite dangerous for\ntime-sensitive systems, such as those used for transaction systems and\ndatabases, and may have caused applications to produce incorrect\nresults, or even crash.\n\nRed Hat Enterprise Linux 5 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0519\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 200);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/06/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-0598\", \"CVE-2008-2358\", \"CVE-2008-2729\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0519\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0519\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-92.1.6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-92.1.6.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:09", "description": "Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang).\n(CVE-2008-2365, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption.\n(CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n* On systems with a large number of CPUs (more than 16), multiple applications calling the 'times()' system call may have caused a system hang.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-07-02T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2008:0508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1367", "CVE-2008-2365", "CVE-2008-2729"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenu", "p-cpe:/a:centos:centos:kernel-xenu-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2008-0508.NASL", "href": "https://www.tenable.com/plugins/nessus/33365", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0508 and \n# CentOS Errata and Security Advisory 2008:0508 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33365);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1367\", \"CVE-2008-2365\", \"CVE-2008-2729\");\n script_bugtraq_id(29942);\n script_xref(name:\"RHSA\", value:\"2008:0508\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2008:0508)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and a bug are\nnow available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines,\nwhen running on certain AMD64 systems. If an unsuccessful attempt to\ncopy kernel memory from source to destination memory locations\noccurred, the copy routines did not zero the content at the\ndestination memory location. This could allow a local unprivileged\nuser to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Alexey Dobriyan discovered a race condition in the Linux kernel\nprocess-tracing system call, ptrace. A local unprivileged user could\nuse this flaw to cause a denial of service (kernel hang).\n(CVE-2008-2365, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local unprivileged user to\nprepare and run a specially crafted binary, which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* It was discovered that the Linux kernel handled string operations in\nthe opposite way to the GNU Compiler Collection (GCC). This could\nallow a local unprivileged user to cause memory corruption.\n(CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n* On systems with a large number of CPUs (more than 16), multiple\napplications calling the 'times()' system call may have caused a\nsystem hang.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015050.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df2b82ae\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2008-June/015051.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3d2bd96d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:29", "description": "Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 running on 32-bit architectures.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* a flaw was found in the IPv4 forwarding base. This could allow a local, unprivileged user to cause a denial of service. (CVE-2007-2172, Important)\n\n* a flaw was found in the handling of process death signals. This allowed a local, unprivileged user to send arbitrary signals to the suid-process executed by that user. Successful exploitation of this flaw depends on the structure of the suid-program and its signal handling. (CVE-2007-3848, Important)\n\n* when accessing kernel memory locations, certain Linux kernel drivers registering a fault handler did not perform required range checks. A local, unprivileged user could use this flaw to gain read or write access to arbitrary kernel memory, or possibly cause a denial of service. (CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could allow a local, unprivileged user to bypass intended capability restrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or ftruncate(). This could allow a local, unprivileged user to acquire the privileges of a different group and obtain access to sensitive information. (CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local, unprivileged user to cause a denial of service. (CVE-2006-4814, Moderate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local, unprivileged user to make ioctl calls to the driver which should otherwise be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use these flaws to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a local, unprivileged user could make a root-owned process dump a core file into a user-writable directory, the user could gain read access to that core file, potentially compromising sensitive information.\n(CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should upgrade to these updated packages which address these vulnerabilities. For this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2009-01-09T00:00:00", "type": "nessus", "title": "RHEL 2.1 : kernel (RHSA-2009:0001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-4814", "CVE-2007-2172", "CVE-2007-3848", "CVE-2007-4308", "CVE-2007-6063", "CVE-2007-6151", "CVE-2007-6206", "CVE-2008-0007", "CVE-2008-2136", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-boot", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-enterprise", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-summit", "cpe:/o:redhat:enterprise_linux:2.1"], "id": "REDHAT-RHSA-2009-0001.NASL", "href": "https://www.tenable.com/plugins/nessus/35323", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0001. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35323);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(21663, 25216, 25387, 26605, 26701, 27497, 27686, 29235, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2009:0001\");\n\n script_name(english:\"RHEL 2.1 : kernel (RHSA-2009:0001)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix a number of security issues are now\navailable for Red Hat Enterprise Linux 2.1 running on 32-bit\narchitectures.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a flaw was found in the IPv4 forwarding base. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This\nallowed a local, unprivileged user to send arbitrary signals to the\nsuid-process executed by that user. Successful exploitation of this\nflaw depends on the structure of the suid-program and its signal\nhandling. (CVE-2007-3848, Important)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal, unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a denial of\nservice. (CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire\nthe privileges of a different group and obtain access to sensitive\ninformation. (CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local,\nunprivileged user to cause a denial of service. (CVE-2006-4814,\nModerate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should\notherwise be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services\nDigital Network (ISDN) subsystem. A local, unprivileged user could use\nthese flaws to cause a denial of service. (CVE-2007-6063,\nCVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a\nlocal, unprivileged user could make a root-owned process dump a core\nfile into a user-writable directory, the user could gain read access\nto that core file, potentially compromising sensitive information.\n(CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures\nshould upgrade to these updated packages which address these\nvulnerabilities. For this update to take effect, the system must be\nrebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0001\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-enterprise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-summit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0001\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0001\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-debug-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-enterprise-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-headers-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-smp-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-source-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-summit-2.4.9-e.74\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-debug / kernel-doc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:06", "description": "These updated packages fix the following security issues :\n\n - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data.\n (CVE-2008-2729, Important)\n\n - Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang). (CVE-2008-2365, Important)\n\n - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption. (CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n - On systems with a large number of CPUs (more than 16), multiple applications calling the 'times()' system call may have caused a system hang.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1367", "CVE-2008-2365", "CVE-2008-2729"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20080625_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60429", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60429);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1367\", \"CVE-2008-2365\", \"CVE-2008-2729\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These updated packages fix the following security issues :\n\n - A security flaw was found in the Linux kernel memory\n copy routines, when running on certain AMD64 systems. If\n an unsuccessful attempt to copy kernel memory from\n source to destination memory locations occurred, the\n copy routines did not zero the content at the\n destination memory location. This could allow a local\n unprivileged user to view potentially sensitive data.\n (CVE-2008-2729, Important)\n\n - Alexey Dobriyan discovered a race condition in the Linux\n kernel process-tracing system call, ptrace. A local\n unprivileged user could use this flaw to cause a denial\n of service (kernel hang). (CVE-2008-2365, Important)\n\n - Tavis Ormandy discovered a deficiency in the Linux\n kernel 32-bit and 64-bit emulation. This could allow a\n local unprivileged user to prepare and run a specially\n crafted binary, which would use this deficiency to leak\n uninitialized and potentially sensitive data.\n (CVE-2008-0598, Important)\n\n - It was discovered that the Linux kernel handled string\n operations in the opposite way to the GNU Compiler\n Collection (GCC). This could allow a local unprivileged\n user to cause memory corruption. (CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n - On systems with a large number of CPUs (more than 16),\n multiple applications calling the 'times()' system call\n may have caused a system hang.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0806&L=scientific-linux-errata&T=0&P=2508\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b580320a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-67.0.20.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:03", "description": "Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang).\n(CVE-2008-2365, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption.\n(CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n* On systems with a large number of CPUs (more than 16), multiple applications calling the 'times()' system call may have caused a system hang.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2008-07-02T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2008:0508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1367", "CVE-2008-2365", "CVE-2008-2729"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu", "p-cpe:/a:redhat:enterprise_linux:kernel-xenu-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.6"], "id": "REDHAT-RHSA-2008-0508.NASL", "href": "https://www.tenable.com/plugins/nessus/33376", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2008:0508. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(33376);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1367\", \"CVE-2008-2365\", \"CVE-2008-2729\");\n script_bugtraq_id(29942);\n script_xref(name:\"RHSA\", value:\"2008:0508\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2008:0508)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and a bug are\nnow available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines,\nwhen running on certain AMD64 systems. If an unsuccessful attempt to\ncopy kernel memory from source to destination memory locations\noccurred, the copy routines did not zero the content at the\ndestination memory location. This could allow a local unprivileged\nuser to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Alexey Dobriyan discovered a race condition in the Linux kernel\nprocess-tracing system call, ptrace. A local unprivileged user could\nuse this flaw to cause a denial of service (kernel hang).\n(CVE-2008-2365, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local unprivileged user to\nprepare and run a specially crafted binary, which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* It was discovered that the Linux kernel handled string operations in\nthe opposite way to the GNU Compiler Collection (GCC). This could\nallow a local unprivileged user to cause memory corruption.\n(CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n* On systems with a large number of CPUs (more than 16), multiple\napplications calling the 'times()' system call may have caused a\nsystem hang.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2008:0508\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-0598\", \"CVE-2008-1367\", \"CVE-2008-2365\", \"CVE-2008-2729\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2008:0508\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2008:0508\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:38:52", "description": "From Red Hat Security Advisory 2008:0508 :\n\nUpdated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang).\n(CVE-2008-2365, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption.\n(CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n* On systems with a large number of CPUs (more than 16), multiple applications calling the 'times()' system call may have caused a system hang.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2008-0508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0598", "CVE-2008-1367", "CVE-2008-2365", "CVE-2008-2729"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenu", "p-cpe:/a:oracle:linux:kernel-xenu-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2008-0508.NASL", "href": "https://www.tenable.com/plugins/nessus/67703", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2008:0508 and \n# Oracle Linux Security Advisory ELSA-2008-0508 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67703);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-1367\", \"CVE-2008-2365\", \"CVE-2008-2729\");\n script_bugtraq_id(29942);\n script_xref(name:\"RHSA\", value:\"2008:0508\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2008-0508)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2008:0508 :\n\nUpdated kernel packages that fix several security issues and a bug are\nnow available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* A security flaw was found in the Linux kernel memory copy routines,\nwhen running on certain AMD64 systems. If an unsuccessful attempt to\ncopy kernel memory from source to destination memory locations\noccurred, the copy routines did not zero the content at the\ndestination memory location. This could allow a local unprivileged\nuser to view potentially sensitive data. (CVE-2008-2729, Important)\n\n* Alexey Dobriyan discovered a race condition in the Linux kernel\nprocess-tracing system call, ptrace. A local unprivileged user could\nuse this flaw to cause a denial of service (kernel hang).\n(CVE-2008-2365, Important)\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local unprivileged user to\nprepare and run a specially crafted binary, which would use this\ndeficiency to leak uninitialized and potentially sensitive data.\n(CVE-2008-0598, Important)\n\n* It was discovered that the Linux kernel handled string operations in\nthe opposite way to the GNU Compiler Collection (GCC). This could\nallow a local unprivileged user to cause memory corruption.\n(CVE-2008-1367, Low)\n\nAs well, these updated packages fix the following bug :\n\n* On systems with a large number of CPUs (more than 16), multiple\napplications calling the 'times()' system call may have caused a\nsystem hang.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2008-June/000657.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(200, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/03/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-0598\", \"CVE-2008-1367\", \"CVE-2008-2365\", \"CVE-2008-2729\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2008-0508\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-67.0.20.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:51:16", "description": "This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel.\n\nThe following security issues were fixed :\n\n - A crafted NFS write request might have caused a buffer overwrite, potentially causing a kernel crash.\n (CVE-2010-2521)\n\n - The x86_64 copy_to_user implementation might have leaked kernel memory depending on specific user buffer setups.\n (CVE-2008-0598)\n\n - drivers/net/r8169.c in the r8169 driver in the Linux kernel did not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.\n (CVE-2009-4537)\n\n - Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 when IPV6_RECVPKTINFO is set on a listening socket, allowed remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled causes the skb structure to be freed. (CVE-2010-1188)\n\n - The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel did not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allowed local users to cause a denial of service ('overflow' of the UBIFS orphan area) via a series of attempted file creations within deleted directories. (CVE-2008-3275)\n\n - The nfs_lock function in fs/nfs/file.c in the Linux kernel did not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this files permissions, a related issue to CVE-2010-0727. (CVE-2007-6733)\n\n - The do_coredump function in fs/exec.c in Linux kernel did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might have allowed local users to obtain sensitive information. (CVE-2007-6206)\n\n - fs/namei.c in the Linux kernel did not always follow NFS automount 'symlinks,' which allowed attackers to have an unknown impact, related to LOOKUP_FOLLOW.\n (CVE-2010-1088)\n\n - Stack-based buffer overflow in the hfs subsystem in the Linux kernel allowed remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c. (CVE-2009-4020)\n\n - The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel did not clear the transfer buffer before returning to userspace when a USB command fails, which might have made it easier for physically proximate attackers to obtain sensitive information (kernel memory). (CVE-2010-1083)", "cvss3": {}, "published": "2010-08-27T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : Linux kernel (YOU Patch Number 12636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6206", "CVE-2007-6733", "CVE-2008-0598", "CVE-2008-3275", "CVE-2009-1389", "CVE-2009-4020", "CVE-2009-4537", "CVE-2010-0727", "CVE-2010-1083", "CVE-2010-1088", "CVE-2010-1188", "CVE-2010-2521"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12636.NASL", "href": "https://www.tenable.com/plugins/nessus/48901", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48901);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6206\", \"CVE-2007-6733\", \"CVE-2008-0598\", \"CVE-2008-3275\", \"CVE-2009-1389\", \"CVE-2009-4020\", \"CVE-2009-4537\", \"CVE-2010-0727\", \"CVE-2010-1083\", \"CVE-2010-1088\", \"CVE-2010-1188\", \"CVE-2010-2521\");\n\n script_name(english:\"SuSE9 Security Update : Linux kernel (YOU Patch Number 12636)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes various security issues and some bugs in the SUSE\nLinux Enterprise 9 kernel.\n\nThe following security issues were fixed :\n\n - A crafted NFS write request might have caused a buffer\n overwrite, potentially causing a kernel crash.\n (CVE-2010-2521)\n\n - The x86_64 copy_to_user implementation might have leaked\n kernel memory depending on specific user buffer setups.\n (CVE-2008-0598)\n\n - drivers/net/r8169.c in the r8169 driver in the Linux\n kernel did not properly check the size of an Ethernet\n frame that exceeds the MTU, which allows remote\n attackers to (1) cause a denial of service (temporary\n network outage) via a packet with a crafted size, in\n conjunction with certain packets containing A characters\n and certain packets containing E characters; or (2)\n cause a denial of service (system crash) via a packet\n with a crafted size, in conjunction with certain packets\n containing '\\0' characters, related to the value of the\n status register and erroneous behavior associated with\n the RxMaxSize register. NOTE: this vulnerability exists\n because of an incorrect fix for CVE-2009-1389.\n (CVE-2009-4537)\n\n - Use-after-free vulnerability in net/ipv4/tcp_input.c in\n the Linux kernel 2.6 when IPV6_RECVPKTINFO is set on a\n listening socket, allowed remote attackers to cause a\n denial of service (kernel panic) via a SYN packet while\n the socket is in a listening (TCP_LISTEN) state, which\n is not properly handled causes the skb structure to be\n freed. (CVE-2010-1188)\n\n - The (1) real_lookup and (2) __lookup_hash functions in\n fs/namei.c in the vfs implementation in the Linux kernel\n did not prevent creation of a child dentry for a deleted\n (aka S_DEAD) directory, which allowed local users to\n cause a denial of service ('overflow' of the UBIFS\n orphan area) via a series of attempted file creations\n within deleted directories. (CVE-2008-3275)\n\n - The nfs_lock function in fs/nfs/file.c in the Linux\n kernel did not properly remove POSIX locks on files that\n are setgid without group-execute permission, which\n allows local users to cause a denial of service (BUG and\n system crash) by locking a file on an NFS filesystem and\n then changing this files permissions, a related issue to\n CVE-2010-0727. (CVE-2007-6733)\n\n - The do_coredump function in fs/exec.c in Linux kernel\n did not change the UID of a core dump file if it exists\n before a root process creates a core dump in the same\n location, which might have allowed local users to obtain\n sensitive information. (CVE-2007-6206)\n\n - fs/namei.c in the Linux kernel did not always follow NFS\n automount 'symlinks,' which allowed attackers to have an\n unknown impact, related to LOOKUP_FOLLOW.\n (CVE-2010-1088)\n\n - Stack-based buffer overflow in the hfs subsystem in the\n Linux kernel allowed remote attackers to have an\n unspecified impact via a crafted Hierarchical File\n System (HFS) filesystem, related to the hfs_readdir\n function in fs/hfs/dir.c. (CVE-2009-4020)\n\n - The processcompl_compat function in\n drivers/usb/core/devio.c in Linux kernel did not clear\n the transfer buffer before returning to userspace when a\n USB command fails, which might have made it easier for\n physically proximate attackers to obtain sensitive\n information (kernel memory). (CVE-2010-1083)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6206.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2007-6733/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0598.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3275.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1389.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4020.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4537.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2010-0727/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1083.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1088.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2010-1188/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2521.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12636.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 20, 119, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-bigsmp-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-debug-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-default-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-smp-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-source-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-syms-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-um-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-xen-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"kernel-xenpae-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"um-host-install-initrd-1.0-48.36\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"um-host-kernel-2.6.5-7.323\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"i586\", reference:\"xen-kmp-3.0.4_2.6.5_7.323-0.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:08", "description": "This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid bit to be set via the mode argument even when, due to the bsdgroups mount option or the file being created in a setgid directory, the new file's group is one which the user is not a member of. The local attacker could then use ftruncate() and memory-mapped I/O to turn the new file into an arbitrary binary and thus gain the privileges of this group, since these operations do not clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5668)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5668.NASL", "href": "https://www.tenable.com/plugins/nessus/41535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41535);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5668)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes\nvarious bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid\n bit to be set via the mode argument even when, due to\n the bsdgroups mount option or the file being created in\n a setgid directory, the new file's group is one which\n the user is not a member of. The local attacker could\n then use ftruncate() and memory-mapped I/O to turn the\n new file into an arbitrary binary and thus gain the\n privileges of this group, since these operations do not\n clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a\n denial of service (kernel panic) via the\n user-area-padding test from the ptrace testsuite in\n 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1514.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5668.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.31\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:46:22", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a leak of sensitive data. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-1514 Jan Kratochvil reported a local denial of service vulnerability in the ptrace interface for the s390 architecture. Local users can trigger an invalid pointer dereference, leading to a system panic.\n\n - CVE-2008-3525 Eugene Teo reported a lack of capability checks in the kernel driver for Granch SBNI12 leased line adapters (sbni), allowing local users to perform privileged operations.\n\n - CVE-2008-3831 Olaf Kirch discovered an issue with the i915 driver that may allow local users to cause memory corruption by use of an ioctl with insufficient privilege restrictions.\n\n - CVE-2008-4113/ CVE-2008-4445 Eugene Teo discovered two issues in the SCTP subsystem which allow local users to obtain access to sensitive memory when the SCTP-AUTH extension is enabled.", "cvss3": {}, "published": "2008-10-20T00:00:00", "type": "nessus", "title": "Debian DSA-1655-1 : linux-2.6.24 - denial of service/information leak/privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-4113", "CVE-2008-4445"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1655.NASL", "href": "https://www.tenable.com/plugins/nessus/34444", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1655. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34444);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-4113\", \"CVE-2008-4445\");\n script_bugtraq_id(31177);\n script_xref(name:\"DSA\", value:\"1655\");\n\n script_name(english:\"Debian DSA-1655-1 : linux-2.6.24 - denial of service/information leak/privilege escalation\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a leak of\nsensitive data. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2008-1514\n Jan Kratochvil reported a local denial of service\n vulnerability in the ptrace interface for the s390\n architecture. Local users can trigger an invalid pointer\n dereference, leading to a system panic.\n\n - CVE-2008-3525\n Eugene Teo reported a lack of capability checks in the\n kernel driver for Granch SBNI12 leased line adapters\n (sbni), allowing local users to perform privileged\n operations.\n\n - CVE-2008-3831\n Olaf Kirch discovered an issue with the i915 driver that\n may allow local users to cause memory corruption by use\n of an ioctl with insufficient privilege restrictions.\n\n - CVE-2008-4113/ CVE-2008-4445\n Eugene Teo discovered two issues in the SCTP subsystem\n which allow local users to obtain access to sensitive\n memory when the SCTP-AUTH extension is enabled.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-3831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2008/dsa-1655\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(200, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:20", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nBuffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. (CVE-2008-3496)\n\nThe sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. (CVE-2008-3525)\n\nInteger overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option. (CVE-2008-3526)\n\nThe sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113. (CVE-2008-4445)\n\nAdditionaly, fixes for sound on NEC Versa S9100 and others were added, PATA and AHCI support for Intel ICH10 was added, a fix to allow better disk transfer speeds was made for Hercules EC-900 mini-notebook, a cyrus-imapd corruption issue in x86_64 arch was solved, RealTek 8169/8168/8101 support was improved, and a few other things. Check the package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2008:223)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3496", "CVE-2008-3525", "CVE-2008-3526", "CVE-2008-4113", "CVE-2008-4445"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:actuator-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:actuator-kernel-server-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdsl-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdsl2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslsl-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslslusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusb2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcdslusba-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fcusb2-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ipw3945-kernel-server-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fxusb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fxusb-kernel-server-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:fxusb_cz-kernel-server-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:gspca-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:gspca-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-laptop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-laptop-latest", "p-cpe:/a:mandriva:linux:kernel-server-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:m560x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:m560x-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ndiswrapper-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:qc-usb-messenger-kernel-server-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:r5u870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:r5u870-kernel-server-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:realcrypt-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:unicorn-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:unicorn-kernel-server-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:unionfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:unionfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-desktop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-desktop586-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-laptop-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.24.7-server-2mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-laptop-latest", "p-cpe:/a:mandriva:linux:iwlwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.24.7-2mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-laptop-2.6.24.7-2mnb"], "id": "MANDRIVA_MDVSA-2008-223.NASL", "href": "https://www.tenable.com/plugins/nessus/37065", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:223. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37065);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3496\", \"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-4445\");\n script_xref(name:\"MDVSA\", value:\"2008:223\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2008:223)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nBuffer overflow in format descriptor parsing in the uvc_parse_format\nfunction in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the\nvideo4linux (V4L) implementation in the Linux kernel before 2.6.26.1\nhas unknown impact and attack vectors. (CVE-2008-3496)\n\nThe sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem\nin the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN\ncapability before processing a (1) SIOCDEVRESINSTATS, (2)\nSIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl\nrequest, which allows local users to bypass intended capability\nrestrictions. (CVE-2008-3525)\n\nInteger overflow in the sctp_setsockopt_auth_key function in\nnet/sctp/socket.c in the Stream Control Transmission Protocol (sctp)\nimplementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows\nremote attackers to cause a denial of service (panic) or possibly have\nunspecified other impact via a crafted sca_keylength field associated\nwith the SCTP_AUTH_KEY option. (CVE-2008-3526)\n\nThe sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream\nControl Transmission Protocol (sctp) implementation in the Linux\nkernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does\nnot verify that the identifier index is within the bounds established\nby SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive\ninformation via a crafted SCTP_HMAC_IDENT IOCTL request involving the\nsctp_getsockopt function, a different vulnerability than\nCVE-2008-4113. (CVE-2008-4445)\n\nAdditionaly, fixes for sound on NEC Versa S9100 and others were added,\nPATA and AHCI support for Intel ICH10 was added, a fix to allow better\ndisk transfer speeds was made for Hercules EC-900 mini-notebook, a\ncyrus-imapd corruption issue in x86_64 arch was solved, RealTek\n8169/8168/8101 support was improved, and a few other things. Check the\npackage changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/35343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://qa.mandriva.com/39048\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 200, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:actuator-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:dkms-pcc-acpi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-2.6.24.7-server-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-laptop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-desktop586-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-laptop-2mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcdsl2-kernel-2.6.24.7-server-2mnb\");\n script_set_attrib

SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566)

Description

Related